KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Generate an application profile containing metrics/properties for Kubernetes workloads based on runtime behavior.

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

CLI tool for open source and threat intelligence

Executes position independent shellcode from an encrypted zip

OpenFuck exploit updated to linux 2018 - Apache mod_ssl < 2.8.7 OpenSSL - Remote Buffer Overflow

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileg…

A tool for identifying misconfigured CloudFront domains

A Python3 module for MalwareBazaar API

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web f…

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Real-time HTTP Intrusion Detection

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

OWASP Foundation Web Respository

Multi-Cloud Security Auditing Tool

A multi-process batch flac converter. For music lovers with large collections :-)

A command line security audit tool for Amazon Web Services

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

📝 Markdown preview in Atom

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Online hash checker for Virustotal and other services

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Random scripts posted for my blog at http://aka.ms/goateepfe

PowerSploit - A PowerShell Post-Exploitation Framework

Six Degrees of Domain Admin

The Most Comprehensive Docker Security Scanner

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.