Adversary emulation library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (+55.26%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-65.26%)
Caldera: Automated Adversary Emulation Platform
Stars: ✭ 3,126 (+1545.26%)
Atc React: A knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (+18.95%)
Bashfuscator: A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+263.16%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-51.58%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1012.63%)
Response: Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+558.95%)
Sysmon Modular: A repository of sysmon configuration modules
Stars: ✭ 1,229 (+546.84%)
Thehive: TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+1110.53%)
Aggressor scripts: A collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-33.68%)
Netmap.js: Fast browser-based network discovery module
Stars: ✭ 70 (-63.16%)
Siac: SIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (-47.37%)
Airmaster: Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-21.05%)
Atomic Red Team Intelligence C2: ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (-54.21%)
Community Threats: The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.
Stars: ✭ 169 (-11.05%)
Edr Testing Script: Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script that executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-28.42%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-61.58%)
Weffles: Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (-7.37%)
Historicprocesstree: An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-75.79%)
Sleight: Empire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-76.84%)
Invoke Apex: A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-14.74%)
Attack Control Framework Mappings: Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Stars: ✭ 115 (-39.47%)
Analyst Casefile: Maltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (-78.42%)
Go Deliver: Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (-45.79%)
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-20%)
Sliver: Adversary Simulation Framework
Stars: ✭ 1,348 (+609.47%)
Aurora Incident Response: Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (-10%)
Awesome: A curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88 (-53.68%)
Sleuthkit: The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Stars: ✭ 1,948 (+925.26%)
Thecollective: The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-55.26%)
Adversarial Robustness Toolbox: Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Stars: ✭ 2,638 (+1288.42%)
Gitjacker: 🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+557.37%)
Thehive4py: Python API Client for TheHive
Stars: ✭ 143 (-24.74%)
Misp Taxonomies: Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Stars: ✭ 168 (-11.58%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-60.53%)
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-29.47%)
Shad0w: A post exploitation framework designed to operate covertly on heavily monitored environments
Stars: ✭ 1,166 (+513.68%)
Osctrl: Fast and efficient osquery management
Stars: ✭ 183 (-3.68%)
Cloakify: CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+497.89%)
Gitlab Watchman: Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-33.16%)
Scripting: PS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-75.26%)
Patrowlengines: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-14.74%)
Ios Triage: incident response tool for iOS devices
Stars: ✭ 42 (-77.89%)
Pcap Attack: PCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (-7.89%)
Aggressorscripts: Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Stars: ✭ 1,008 (+430.53%)
Bulwark: An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-40.53%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+413.68%)
Slack Watchman: Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-16.32%)
Misp Maltego: Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Stars: ✭ 112 (-41.05%)
Wazuh Chef: Wazuh - Chef cookbooks
Stars: ✭ 9 (-95.26%)
Cortex4py: Python API Client for Cortex
Stars: ✭ 22 (-88.42%)
Information Security Tasks: This repository is created only for infosec professionals who work on a day-to-day basis, to equip ourselves with an up-to-date skillset. We can contribute one hour daily to day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (-43.16%)