A repository of tools for pentesting of restricted and isolated environments.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory

A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities

Tool for Active Directory Certificate Services enumeration and abuse

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

AADInternals PowerShell module for administering Azure AD and Office 365

Cobalt Strike Beacon configuration extractor and parser.

Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Some notes and examples for cobalt strike's functionality

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

Check Domain Categorization

The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the pro…

Custom scripts for the PIPER Burp extensions.

KQL Queries. Microsoft Defender, Microsoft Sentinel

Documentation and scripts to properly enable Windows event logs.

This repo is about Active Directory Advanced Threat Hunting

Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

Bruteforces Fortinet SSL VPNs

Advanced Python Mastery (course by @dabeaz)

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a Tweets and more while evading most API limitations.

A template for writing a condensed course index leveraging LaTeX indexing

NIST CyberSecurity Framework management tool

IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related

🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

A repository that maps API calls to Sysmon Event ID's.

OSSEM Detection Model