AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Sysmon configuration file template with default high-quality event tracing

A repository for using windows event forwarding for incident detection and response

This repository is created to add value to existing Network Security Monitoring solutions.

Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy calculations. Uses character pair frequency analysis to deter…

An intercepting proxy for web application testing

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.

The Browser Exploitation Framework Project

Empire is a pure PowerShell post-exploitation agent.

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON'T JUDGE ME!!!

CTF framework used by Gallopsled in every CTF

Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.

Some setup scripts for security research tools.

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files,…

Egress-Assess is a tool used to test egress data detection capabilities

Network Infrastructure Penetration Testing Tool

Create fake AP in Kali with 1 command

application server attack toolkit

(Unofficial) Python API for https://malwr.com/

(Unofficial) Python API for http://dnsdumpster.com/

Broadcast Anonymous Routing - A scalable system for efficient anonymous communications

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use.