Python tool for converting files and office documents to Markdown.

A resource containing all the tools each ransomware gangs uses

real time face swap and one-click video deepfake with only a single image

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…

Rules shared by the community from 100 Days of YARA 2024

A principled instruction benchmark on formulating effective queries and prompts for large language models (LLMs). Our paper: https://arxiv.org/abs/2312.16171

Interact with your documents using the power of GPT, 100% privately, no data leaks

Enhanced ChatGPT Clone: Features Agents, Anthropic, AWS, OpenAI, Assistants API, Azure, Groq, o1, GPT-4o, Mistral, OpenRouter, Vertex AI, Gemini, Artifacts, AI model switching, message search, Code…

AI chat for any model.

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

A framework to enable multimodal models to operate a computer.

Tool for building Kubernetes attack paths

An open-source collection of API key rotation tutorials.

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack …

DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google…

DFIQ is a collection of investigative questions and the approaches for answering them

Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.

Table of AD and Azure assets and whether they belong to Tier Zero

The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source …

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit …

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

Supercharged experience for multiple models such as ChatGPT, DALL-E and Stable Diffusion.

This map lists the essential techniques to bypass anti-virus and EDR

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.