Stars
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
Automation to assess the state of your M365 tenant against CISA's baselines
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Simulating shitty network connections so you can build better systems.
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
0xfL0ki / Certipy
Forked from ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
HFS is a web file server to run on your computer. Share folders or even a single file thanks to the virtual file system.
Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
An ADCS honeypot to catch attackers in your internal network.
Module to compile PowerShell scripts to executables
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Wordlist generated using leaked databases, Pipal, and CUPP.
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
One rule to crack all passwords. Or at least we hope so.
Search tool to find specific files containing specific words, i.e. files containing passwords.
Wordlists for creating statistically likely username lists for use in password attacks and security testing