Stars
TeamServer and Client of Exploration Command and Control Framework
Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing access to sensitive da…
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
A framework for developing alerting and detection strategies for incident response.
DARKARMY Hacking Tools Pack - A Penetration Testing Framework.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
This GIT repo (C language) holds applications and utilities for the Behringer X32 and M32 mixing consoles. Additional details, documentation, implementation examples and apps can be found in my web…
AV/EDR Lab environment setup references to help in Malware development
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
Nuke It From Orbit - remove AV/EDR with physical access
lsassdump via RtlCreateProcessReflection and NanoDump
KQL Queries. Microsoft Defender, Microsoft Sentinel
PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
Cloud Offensive Breach and Risk Assessment (COBRA) Tool
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities