A workshop about Malware Development

Certified Red Team Operator

Sample queries for Advanced hunting in Microsoft 365 Defender

Extract credentials from lsass remotely

This repo covers some code execution and AV Evasion methods for Macros in Office documents

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Detect Tactics, Techniques & Combat Threats

Python Data Science Handbook: full text in Jupyter Notebooks

A toolset to make a system look as if it was the victim of an APT attack

Course repository for PowerShell for Pentesters Course

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Contains Logstash related content including tons of Logstash configurations

Covenant is a collaborative .NET C2 framework for red teamers.

SharpSploit is a .NET post-exploitation library written in C#

Web application fuzzer

Generic Signature Format for SIEM Systems

Elemental - An ATT&CK Threat Library

Sysmon configuration file template with default high-quality event tracing

Trying to tame the three-headed dog.

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

A tool to perform Kerberos pre-auth bruteforcing

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Connect like there is no firewall. Securely.

Some notes and examples for cobalt strike's functionality

A collection of red team and adversary emulation resources developed and released by MITRE.

Linux privilege escalation auditing tool

A curated list of awesome threat detection and hunting resources

A set of Zeek scripts to detect ATT&CK techniques.