cyberust

💭

I may be slow to respond.

cyberust

💭

I may be slow to respond.

16 followers · 110 following

Stars

33 repositories

Integration-IT / Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

PowerShell 2,648 518 Updated Jul 6, 2025

rmusser01 / Infosec_Reference

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

CSS 5,846 1,217 Updated Oct 20, 2025

akamai / Invoke-DHCPCheckup

PowerShell 109 17 Updated Feb 13, 2024

netero1010 / GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

C 585 67 Updated Jan 2, 2025

infosecn1nja / AD-Attack-Defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

4,736 1,086 Updated Jul 29, 2025

Spacial / awesome-csirt

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

C 561 101 Updated Aug 12, 2025

beahunt3r / Windows-Hunting

350 87 Updated Mar 19, 2021

p4p1 / havoc-bloodhound

A GUI wrapper inside of Havoc to interact with bloodhound CE

Python 71 13 Updated Feb 3, 2024

nickvourd / Windows-Local-Privilege-Escalation-Cookbook

Windows Local Privilege Escalation Cookbook

PowerShell 1,207 189 Updated Jan 20, 2025

hackerhouse-opensource / SignToolEx

Patching "signtool.exe" to accept expired certificates for code-signing.

C++ 295 51 Updated Jul 19, 2024

hackerhouse-opensource / WMIProcessWatcher

A CIA tradecraft technique to asynchronously detect when a process is created using WMI.

C++ 136 29 Updated Dec 29, 2023

hackerhouse-opensource / Artillery

CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.

C 182 31 Updated Jan 3, 2024

infosecB / awesome-detection-engineering

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…

1,077 106 Updated Jun 30, 2025

rodolfomarianocy / OSCP-Tricks-2023

OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines

1,046 230 Updated Oct 27, 2024

sokaRepo / CoercedPotatoRDLL

Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege

C 223 34 Updated Nov 23, 2023

cisagov / ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

PowerShell 2,339 328 Updated Nov 5, 2025

SpecterOps / AzureHound

Azure Data Exporter for BloodHound

Go 816 116 Updated Oct 23, 2025

Azure / Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Python 5,334 3,407 Updated Nov 5, 2025

Leo4j / Amnesiac

Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments

PowerShell 433 67 Updated Oct 1, 2025

xforcered / ADOKit

Azure DevOps Services Attack Toolkit

C# 300 34 Updated Mar 15, 2025

AirbusProtect / AD-Canaries

The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.

PowerShell 256 12 Updated Nov 24, 2023