Lists (16)
ATLAS Adversarial ML
AI/ML Security: MITRE ATLAS (atlas.mitre.org) + OWASP LLM Top 10 + Google SAIF. Covers prompt injection, model tampering, data poisoning, agent security, privac28 repositories
TA0001 Initial Access
Initial Access (TA0001): Gaining initial foothold in target networks. Includes phishing, exploiting public-facing apps, supply chain compromise, valid accounts. https://attack.mitre.org/tactics/TA000160 repositories
TA0002 Execution
Execution (TA0002): Running malicious code on target systems. Includes command interpreters, scripting, native APIs, exploitation for client execution. https://attack.mitre.org/tactics/TA0002319 repositories
TA0003 Persistence
Persistence (TA0003): Maintaining access across restarts and credential changes. Includes registry run keys, scheduled tasks, bootkit, implants, account manipulation. https://attack.mitre.org/tactics/TA000334 repositories
TA0004 Privilege Escalation
Privilege Escalation (TA0004): Gaining higher-level permissions. Includes exploitation, access token manipulation, UAC bypass, AD escalation, sudo/setuid abuse. https://attack.mitre.org/tactics/TA000492 repositories
TA0005 Defense Evasion
Defense Evasion (TA0005): Avoiding detection. Includes obfuscation, disabling security tools, process injection, masquerading, AMSI/ETW bypass, rootkits. https://attack.mitre.org/tactics/TA0005325 repositories
TA0006 Credential Access
Credential Access (TA0006): Stealing credentials. Includes password dumping, Kerberoasting, credential harvesting, brute force, keylogging, LSASS access. https://attack.mitre.org/tactics/TA0006135 repositories
TA0007 Discovery
Discovery (TA0007): Understanding target environment. Includes network enumeration, AD recon, system info gathering, account discovery, BloodHound. https://attack.mitre.org/tactics/TA0007151 repositories
TA0008 Lateral Movement
Lateral Movement (TA0008): Moving through the network. Includes pass-the-hash, RDP, SMB/WMI exec, SSH tunneling, pivoting, proxychains. https://attack.mitre.org/tactics/TA000878 repositories
TA0009 Collection
Collection (TA0009): Gathering target data. Includes screen capture, keylogging, email harvesting, clipboard data, memory dumping, secret scanning. https://attack.mitre.org/tactics/TA000921 repositories
TA0010 Exfiltration
Exfiltration (TA0010): Stealing data from target. Includes covert channels, DNS tunneling, steganography, encrypted transfers, cloud storage abuse. https://attack.mitre.org/tactics/TA001010 repositories
TA0011 Command and Control (C2)
Command and Control (TA0011): Communicating with compromised systems. Includes C2 frameworks (Cobalt Strike, Sliver), domain fronting, protocol tunneling. https://attack.mitre.org/tactics/TA0011247 repositories
TA0040 Impact
Impact (TA0040): Disrupting availability or integrity. Includes ransomware, data destruction, defacement, resource hijacking, service disruption. https://attack.mitre.org/tactics/TA00406 repositories
TA0042 Resource Development
Resource Development (TA0042): Building attack infrastructure. Includes payload development, infrastructure setup, capability acquisition, tool compilation. https://attack.mitre.org/tactics/TA0042420 repositories
TA0043 Reconnaissance
Reconnaissance (TA0043): Gathering target information. Includes OSINT, subdomain enumeration, network scanning, social engineering research. https://attack.mitre.org/tactics/TA0043168 repositories
Threat Hunting
Threat Hunting related repositories123 repositories
Starred repositories
30
stars
written in HCL
Clear filter
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole D…
A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform
🔧 Deploy customizable Active Directory labs in Azure - automatically.
byt3bl33d3r / Red-Baron
Forked from Coalfire-Research/Red-BaronAutomate creating resilient, disposable, secure and agile infrastructure for Red Teams
Disposable and resilient red team infrastructure with Terraform
An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built for IaC stability, consistency, and speed.
Slides and Codes used for the workshop Red Team Infrastructure Automation
Bicep and Terraform code examples for policy-as-code workflows. Azure governance guardrails and automation - by @JesseLoudon
A repo self-lead to give you an understanding on deploying Terraform on Azure
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
A Docker container for remote penetration testing.
Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Companion code repository for learning to provision Terraform instances with Packer & cloud-init
Various course materials, scripts, and configurations from my Offensive Security Engineering Course and Book "Red Team Engineering"
DevOps for Hackers with Hands-On Labs w/ Ralph May (4-Hour Workshop)
Terraform script to deploy AD-based environment on Azure
A cloud automation system for Red Teams based on Terraform and Ansible
This Terraform project creates a custom VPC with public and private subnets, an EC2 bastion host with a security group in the public subnet, an EKS cluster with a network interface in the public su…
Follow Terraform Best Practice 🤖 ⚙️ 🔧
An example of using terraform nested for loop to complement the TDS article
A Terraform module for GitHub repositories in the Ministry of Justice • This repository is defined and managed in Terraform
Template repository for creating Terraform modules for use with the Modernisation Platform • This repository is defined and managed in Terraform