A collaborative, multi-platform, red teaming framework

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Automating the MITM attack on WSUS

Modify AD-Integrated DNS Zone Dynamic Update settings via LDAP. Bypasses DNS Server RPC by directly editing the dNSProperty attribute. Requires WriteProperty on dNSProperty or higher privileges on …

Situational Awareness commands implemented using Beacon Object Files

The official GitHub mirror of the Chromium source

A library for patching, replacing and decorating .NET and Mono methods during runtime

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them sho…

One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

Set of tools to analyze Windows sandboxes for exposed attack surface.

Linux #rootkit and #malware revealer

UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of U…

Better version of SharpPick

Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.

GDT (Ghidra Data Type) generated from IDA tils

Focus on prompting and generating

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

Adversary Emulation Framework

RACE is a PowerShell module for executing ACL attacks against Windows targets.

Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on event logs

Identifies the bytes that Microsoft Defender flags on.

WinDivert: Windows Packet Divert

Hide your Powershell script in plain sight. Bypass all Powershell security features

The Hunt for Malicious Strings