Pinned Repositories
All_NTLM_leak
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-cve-poc
✍️ A curated list of CVE PoCs.
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
BloodHound
Six Degrees of Domain Admin
BLUELAY
Searches online paste sites for certain search terms which can indicate a possible data breach.
caldera
An automated adversary emulation system
CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
SEP_advanced_application_control
APPLICATION CONTROL RULES FOR DEFENDING AGAINST ADVANCED ATTACKS
steal_NTLM_ncat
Gl3bGl4z's Repositories
Gl3bGl4z/All_NTLM_leak
Gl3bGl4z/SEP_advanced_application_control
APPLICATION CONTROL RULES FOR DEFENDING AGAINST ADVANCED ATTACKS
Gl3bGl4z/steal_NTLM_ncat
Gl3bGl4z/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Gl3bGl4z/awesome-cve-poc
✍️ A curated list of CVE PoCs.
Gl3bGl4z/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Gl3bGl4z/BloodHound
Six Degrees of Domain Admin
Gl3bGl4z/caldera
An automated adversary emulation system
Gl3bGl4z/CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
Gl3bGl4z/chrome_v80_password_grabber
Grab passwords from Chrome > v80 using their new AES encryption
Gl3bGl4z/CVE-2019-0841
PoC code for CVE-2019-0841 Privilege Escalation vulnerability
Gl3bGl4z/dirty_sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
Gl3bGl4z/flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Gl3bGl4z/Inveigh
Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
Gl3bGl4z/knowledge
Links to various sources for infosec knowledge
Gl3bGl4z/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
Gl3bGl4z/maltrail
Malicious traffic detection system
Gl3bGl4z/mordor
Re-play Adversarial Techniques
Gl3bGl4z/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Gl3bGl4z/public
Gl3bGl4z/public_tools
Gl3bGl4z/redteam
Red Team Scripts by d0nkeys (ex SnadoTeam)
Gl3bGl4z/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Gl3bGl4z/sigma
Sigma rules
Gl3bGl4z/sigma-1
Generic Signature Format for SIEM Systems
Gl3bGl4z/Spring4Shell-POC
Spring4Shell Proof Of Concept/Information
Gl3bGl4z/SpringCore0day
SpringCore0day from https://share.vx-underground.org/
Gl3bGl4z/toxy
Hackable HTTP proxy for resiliency testing and simulated network conditions
Gl3bGl4z/tzabar
Gl3bGl4z/windows
Useful Windows 7, 8, 10, and Windows Server PowerShell scripts. These are for my personal use.