Stars
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
Automation to assess the state of your M365 tenant against CISA's baselines
A fully open source & end-to-end encrypted note taking alternative to Evernote.
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Tool for generating wordlists or extending an existing one using mutations.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)
Confluence Server Webwork OGNL injection
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
mailcow: dockerized - 🐮 + 🐋 = 💕
PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
A wiki focusing on aggregating and documenting various SQL injection methods
A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.
A turbo traffic generator pentesting tool to generate random traffic with random MAC and IP addresses in addition to random sequence numbers to a particular IP and port.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
This repo is where I store my Threat Hunting ideas/content
GUI for snapper, a tool for Linux filesystem snapshot management, works with btrfs, ext4 and thin-provisioned LVM volumes