Lists (32)
Adversary Simulation
Adversary simulationsAI-LLM
Promp engineering etc.Attack Simulation and Automation
Attack simulation, detection engineering, purple teaming. etc.Blue Team Tools
Data Science
Data Visualization
Interactive dashboarding etc.DFIR
DFIR and Hunting Tools
Useful tools for threat hunting and DFIRDFIR: Cloud
Graph
Identity and Cloud
Entra ID, Azure related ttack and defenseJupyter and Python
Knowledge Repos
LOLBins, query repos, etc.Lab Environment and Automation
Malware Analysis and YARA
Microsoft Sentinel and Defender
Red Team: Collection
Red Team: Command and Control
RAT tools etc.Red Team: Credential Access
Red Team: Defense Evasion
Red Team: Discovery
Bloodhound, Kubehound, and other stuffRed Team: Execution
Red Team: Exfiltration
Red Team: Initial Access
Phishing, etc.Red Team: Lateral Movement
Red Team: Persistence
Red Team: Privilege Escalation
Red Team: Reconnaissance
Red Team: Resource Development
Red Team Tools
Red team toolsSecurity Data Science
Training
Stars
Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
Simple & Powerful PowerShell Script Obfuscator
Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
load shellcode without P/D Invoke and VirtualProtect call.
A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.
The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
Client-side Encrypted Upload Server Python Script
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing
Execute commands interactively on remote Windows machines using the WinRM protocol
Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
PowerShell tools to help defenders hunt smarter, hunt harder.
Attempt at Obfuscated version of SharpCollection
Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
early cascade injection PoC based on Outflanks blog post
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️
Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies
Scripts and tools for use with Microsoft products/technologies
smbclient-ng, a fast and user friendly way to interact with SMB shares.