Stars
Aralez is a triage tool for Windows that automates the collection of system information, network/process data, and files from NTFS.
AV/EDR Evasion Lab for Training & Learning Purposes
Search for potential frontable domains
Collection of Cyber Threat Intelligence sources from the deep and dark web
Minimal, flexible, and easy-to-expand FreeBSD jail manager.
IntelOwl: manage your Threat Intelligence at scale
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…
An XSS exploitation command-line interface and payload generator.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your tailor-made EASM tool, co…
🦆 Malduck is your ducky companion in malware analysis journeys
Open Cyber Threat Intelligence Platform
ScareCrow - Payload creation framework designed around EDR bypass.
Python script to decode common encoded PowerShell scripts
Some useful scripts for CobaltStrike
ZincSearch. A lightweight alternative to Elasticsearch that requires minimal resources, written in Go.
Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
Arsenal is just a quick inventory and launcher for hacking programs
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique present…
Malleable C2 is a domain-specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Coba…