Please no pull requests for this repository. Thanks!

A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.

Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets

Scripts to facilitate enabling of PS logging for Splunk

A repository of sysmon configuration modules

Flipper Zero Firmware

Sysmon configuration file template with default high-quality event tracing

Attack and defend active directory using modern post exploitation adversary tradecraft activity

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities

TrustedSec Sysinternals Sysmon Community Guide

Adversary Tactics - PowerShell Training

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

SharpWMI is a C# implementation of various WMI functionality.

Leaked Muddyc3 C2 source.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.

SharpRoast is a C# port of various PowerView's Kerberoasting functionality.

Incident Response Methodologies

My collection of nmap NSE scripts

Various snippets created during malware analysis

venom (metasploit) shellcode generator/compiler/listener

Simulating Adversary Operations

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strin…

A collection of awesome penetration testing resources, tools and other shiny things

Some older Splunk searches for threat intel from Sysmon

The goal of this repository is to document the most common techniques to bypass AppLocker.

Nishang - PowerShell for penetration testing and offensive security.

Duct Tape Command and Control!

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.