Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+1241.55%)
NIST-to-Tech: An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-78.52%)
Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+430.28%)
github-watchman: Monitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-78.87%)
MurMurHash: This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-72.18%)
gtfo: Search for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-69.01%)
Gitlab Watchman: Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-55.28%)
Malwless: Test Blue Team detections without running any attack.
Stars: ✭ 215 (-24.3%)
OSINTBookmarks: OSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-88.03%)
Information Security Tasks: This repository is created only for infosec professionals who work on a day-to-day basis, to equip ourselves with an up-to-date skill set. We can contribute one hour daily for day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.
Stars: ✭ 108 (-61.97%)
Ultimateapplockerbypasslist: The goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+317.61%)
Gtfobins.github.io: GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+2023.24%)
Slack Watchman: Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-44.01%)
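1earn: A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and writeups for various target machines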
Stars: ✭ 3,715 (+1208.1%)
Gray hat csharp code: This repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+5.99%)
Cypheroth: Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (-36.97%)
Remote Desktop Caching: This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow Red Team members to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team members can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidence and perform further analysis.
Stars: ✭ 171 (-39.79%)
Repo Supervisor: Scan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (+69.72%)
BlueTeam.Lab: Blue Team detection lab created with Terraform and Ansible in Azure.
Stars: ✭ 82 (-71.13%)
Malwarepersistencescripts: A collection of scripts I've written to help red and blue teams with malware persistence techniques.
Stars: ✭ 103 (-63.73%)
MicrosoftWontFixList: A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+200.7%)
goblin: A phishing simulation system for red team versus blue team exercises
Stars: ✭ 844 (+197.18%)
Deploy Deception: A PowerShell module to deploy active directory decoy objects.
Stars: ✭ 109 (-61.62%)
Pidense: 🍓📡🍍 Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (+26.06%)
Slackpirate: Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Stars: ✭ 512 (+80.28%)
dummyDLL: Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-87.68%)
Hacker ezines: A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-74.65%)
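1earn: A personally maintained security knowledge framework, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and writeups for various target machines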
Stars: ✭ 776 (+173.24%)
ad-privileged-audit: Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-85.21%)
Wadcoms.github.io: WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+51.76%)
Theharvester: E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+2074.3%)
Snoop: Snoop is a reconnaissance tool based on open-source data (OSINT world)
Stars: ✭ 886 (+211.97%)
PwnedPasswordsChecker: Search (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)
Stars: ✭ 52 (-81.69%)
uberducky: Wireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)
Stars: ✭ 80 (-71.83%)
palinka c2: Just another useless C2 occupying space in some HDD somewhere.
Stars: ✭ 14 (-95.07%)
inthewilddb: Hourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-55.28%)
qradar: Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Stars: ✭ 53 (-81.34%)
ligolo-ng: An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+47.18%)
AzureCLI-Extractor: A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
Stars: ✭ 43 (-84.86%)
GoPhish-Templates: GoPhish Templates that I have retired and/or templates I've recreated.
Stars: ✭ 76 (-73.24%)
Oblivion: Data leak checker & OSINT Tool
Stars: ✭ 237 (-16.55%)
Blue Team: Blue Team Scripts
Stars: ✭ 190 (-33.1%)
DNSWho: transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
Stars: ✭ 47 (-83.45%)
BlueCloud: Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
Stars: ✭ 88 (-69.01%)
Smogcloud: Find cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-40.85%)
cheatsheet: These are some of the commands which I use frequently during Malware Analysis and DFIR.
Stars: ✭ 23 (-91.9%)
Windows hardening: Windows Hardening settings and configurations
Stars: ✭ 148 (-47.89%)
Logontracer: Investigate malicious Windows logon by visualizing and analyzing Windows event logs
Stars: ✭ 1,914 (+573.94%)
REW-sploit: Emulate and Dissect MSF and *other* attacks
Stars: ✭ 115 (-59.51%)
ETWNetMonv3: ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Stars: ✭ 32 (-88.73%)
SLib: SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
Stars: ✭ 50 (-82.39%)
aterm: It records your terminal, then lets you upload to ASHIRT
Stars: ✭ 17 (-94.01%)
Flerken: A Solution For Cross-Platform Obfuscated Commands Detection presented at CIS2019 China. A dynamic and static Bash/CMD/PowerShell command obfuscation detection framework - CIS 2019 conference
Stars: ✭ 133 (-53.17%)
Falconfriday: Bi-weekly hunting queries
Stars: ✭ 125 (-55.99%)