All sysmon event types and their fields explained

A method of bypassing EDR's active projection DLL's by preventing entry point exection

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

An automated target reconnaissance pipeline.

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

StandIn is a small .NET35/45 AD post-exploitation toolkit

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

IBM RedCON 2020 - Throwing an AquaWrench into the Kernel

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

Also known by Microsoft as Knifecoat 🌶️

An ELK environment containing interesting security datasets.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF