Bash script that spoofs hardware identifiers and some other things to better disguise a VirtualBox VM

A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings…

CTF challenges for the 2025 edition of https://pecanplus.org

Render static map images from Python using MapLibre Native.

Opensource IDE For Exploring and Testing API's (lightweight alternative to Postman/Insomnia)

Hurl, run and test HTTP requests with plain text.

Indicators of Compromises (IOC) of our various investigations

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

List of Applications that enable or natively support Attribute Based Access Control

Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.

An installation and update framework for Windows desktop apps

Collection of useful Canary tools

UART proxy tool for inter-chip analysis.

Main reference implementation for NLWeb, implemented in Python.

Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)

Find, verify, and analyze leaked credentials

Making Favicon.ico based Recon Great again !

SSHamble: Unexpected Exposures in SSH

Six Degrees of Domain Admin

A binary and file access authorization system for macOS.

The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.

A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Supports the implementation of the WA Government Information Classification Policy

A library and a set of tools for exploiting and communicating with Google's Quick Share devices.

A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).

In-depth attack surface mapping and asset discovery

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 130+ global frameworks with automatic control mapping, incl…