Jerzy 'Yuri' Kramarz

Elite
@op7ic

Thinker, Red and Blue operator

EDR-Testing-Script. Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

319

BlueTeam.Lab. Blue Team detection lab created with Terraform and Ansible in Azure.

187

RT-CyberShield. Protecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges

45

unix_collector. unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

43

shadowbroker-smb-scanner. shadowbroker SMB exploit scanner. Scans for ETERNALSYNERGY ETERNALBLUE ETERNALROMANCE ETHERNALCHAMPION

42

LeakGenerator. Generate your own personal data leak

40

Cloud-Investigate. A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.

37

GeoIPPlotter. GeoIP plotting script written in Python to help security teams draw visualized reports from IP addresses

20

OS.LAB. Operating System testbed created with Terraform to test payloads, programs and compatibility on different OS versions. Supports AWS and Azure.

20

amphunt. This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for threats, analyze endpoint behavior, and detect potential compromises across the environment using API version 0 and 1. Now supporting AI SKILLs concept.

14

Dataroma-Analyzer. Dataroma Stock Analyzer

12

powershell-reverse-shell. Simple Powershell Reverse Shell with handling server in python

10

WINFINGER. A collection of Windows hashes generated against windows installation ISOs using sigcheck from Sysinternals

10

investigatehunt. Cisco Umbrella Investigate threat hunting scripts

8

DNS-Testing-Script. Test the accuracy of DNS monitoring and blocking solution.

7

Bad-Firewall. Bad IP blocking firewall with ipset, iptables and a dash of bash.

7

ai-bug-hunter. AI bug hunter prompt

5

LokiToWinEventLog. A PowerShell-based integration tool that enables Loki to log detection results directly to Windows Event Log for enterprise-scale IOC (Indicators of Compromise) monitoring and incident response.

4

Invoke-DomainHasher. A threat hunting tool designed to help in identifying unknown binaries across windows domain.

4

amp-policy-kit. Cisco Secure Endpoint policy assessment kit

3

SHARPPENCIL. A PowerShell and C# implementation of LDAP attribute extraction for domain users

3

Pe-SieveToWinEventLog. A PowerShell-based integration tool that enables pe-sieve to log detection results directly to Windows Event Log for enterprise-scale security monitoring and incident response.

3

DCOM-Audit. DCOM-Audit: Enumerate, Audit, and Secure DCOM objects

3

massJARM. A high-performance, threaded implementation of JARM fingerprinting with smart port detection, rate limiting, and flexible input/output options.

2

meraki-hunting. Threat hunting scripts for Cisco Meraki installations

2

SwarmMaker. A framework for building AI agents. Compile unstructured knowledge into validated, installable AI agent skill bundles for Claude, Codex, and Gemini

2

Codeword-Generator-Collection. Codeword generators written in common programming and scripting languages

1

MCuban_Blog. Mark Cuban blog copy (in PDF)

1

evtxpickup. Windows Active Directory event (Evtx) collection script for scaled up forensic investigations.

1

EVTX-ATTACK-SAMPLES. Windows Events Samples

1
30
Apply