John-Resident's Stars
juanjoSanz/aws-pentesting-lab
Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet
Cisco-Talos/IOCs
Indicators of Compromise
netbiosX/Checklists
Red Teaming & Pentesting checklists for various engagements
vxunderground/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
ps-interactive/labs_modern_malware_c2
labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2.
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
FalconForceTeam/FalconFriday
Hunting queries and detections
krol3/container-security-checklist
Checklist for container security - devsecops practices
trustedsec/social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
trustedsec/ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
tclahr/uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
odedshimon/BruteShark
Network Analysis Tool
noraj/OSCP-Exam-Report-Template-Markdown
Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
strandjs/IntroLabs
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
ashemery/LinuxForensics
Everything related to Linux Forensics
joshlemon/DFIR-Reference-Frameworks
Repository of public reference frameworks for the DFIR community.
AzureAD/Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
S1ckB0y1337/Cobalt-Strike-CheatSheet
Some notes and examples for Cobalt Strike's functionality
GoFetchAD/GoFetch
GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
cisagov/log4j-scanner
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
google/docker-explorer
A tool to help forensicate offline docker acquisitions
fox-it/log4j-finder
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
duo-labs/cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
OWASP/user-security-stories
Repo to hold mapping of user-security-stories
riramar/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
bfuzzy/auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework