D4rthMaulCop's Stars
werdhaihai/SharpAltShellCodeExec
Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
S3cur3Th1sSh1t/Amsi-Bypass-Powershell
This repo contains some AMSI bypass methods I found on different blog posts.
rasta-mouse/SharpC2
Command and Control Framework written in C#
bohops/DynamicDotNet
A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
CCob/SharpBlock
A method of bypassing EDRs' active protection DLLs by preventing entry point execution
CCob/ThreadlessInject
Threadless Process Injection using remote function hooking.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ihebski/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
trustedsec/trevorc2
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
aboutsecurity/blueteam_homelabs
Great List of Resources to Build an Enterprise Grade Home Lab
x0rz/EQGRP
Decrypted content of eqgrp-auction-file.tar.xz
TonyPhipps/Powershell
Tony's collection of PowerShell scripts, typically geared toward cybersec
davidprowe/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding of, and prescribe approaches to, securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
TheresAFewConors/Sooty
The SOC Analyst's all-in-one CLI tool to automate and speed up workflow.
tobor88/ReversePowerShell
Functions that can be used to gain Reverse Shells with PowerShell
SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
SigmaHQ/sigma
Main Sigma Rule Repository
VirusTotal/vt-py
The official Python 3 client library for VirusTotal
VirusTotal/yara
The pattern matching Swiss knife
bats3c/darkarmour
Windows AV Evasion
bats3c/shad0w
A post exploitation framework designed to operate covertly on heavily monitored environments
aw-mfe/esm_query_tester
Build and test McAfee ESM queries with a YAML template
CERT-Polska/drakvuf-sandbox
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automate obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automate the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for red team or security research.
nsacyber/Event-Forwarding-Guidance
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
nshalabi/SysmonTools
Utilities for Sysmon
randomuserid/Tylium
Primary data pipelines for intrusion detection, security analytics and threat hunting