Pinned Repositories
APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity
awesome-incident-response
A curated list of tools for incident response
awesome-pcaptools
A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved for the original authors.
CrossC2
Generate CobaltStrike's cross-platform payload
CVE-2023-23397-POC
Exploit POC for CVE-2023-23397
CVE-2023-23397-POC-Using-Interop-Outlook
muddyc3-Revived
Ninja
Open source C2 server created for stealth red team operations
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Scripts
All published scripts developed by Ahmed Khlief
ahmedkhlief's Repositories
ahmedkhlief/APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity
ahmedkhlief/Ninja
Open source C2 server created for stealth red team operations
ahmedkhlief/Scripts
All published scripts developed by Ahmed Khlief
ahmedkhlief/CVE-2023-23397-POC
Exploit POC for CVE-2023-23397
ahmedkhlief/CrossC2
Generate CobaltStrike's cross-platform payload
ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook
ahmedkhlief/Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
ahmedkhlief/awesome-incident-response
A curated list of tools for incident response
ahmedkhlief/awesome-pcaptools
A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved for the original authors.
ahmedkhlief/CrossC2-1
Generate CobaltStrike's cross-platform payload
ahmedkhlief/Havoc
The Havoc Framework
ahmedkhlief/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
ahmedkhlief/sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
ahmedkhlief/ahmedkhlief
ahmedkhlief/Awesome-CobaltStrike-Defence
Defences against Cobalt Strike
ahmedkhlief/Cloud-Security-Attacks
Azure and AWS Attacks
ahmedkhlief/CVE-2022-22954
Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960
ahmedkhlief/DeepBlueCLI
ahmedkhlief/dfirtriage
Digital forensic acquisition tool for Windows based incident response.
ahmedkhlief/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
ahmedkhlief/Ghost-In-The-Logs
Evade Sysmon and Windows event logging
ahmedkhlief/Ghostpack-CompiledBinaries
Compiled Binaries for Ghostpack
ahmedkhlief/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
ahmedkhlief/KStrike
Stand-alone parser for User Access Logging from Server 2012 and newer systems
ahmedkhlief/mac4n6
Collection of forensic artifact locations for Mac OS X and iOS
ahmedkhlief/PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
ahmedkhlief/PyExchangePasswordSpray
Microsoft Exchange password spray tool with proxy support.
ahmedkhlief/ReverseSock5Proxy
A tiny Reverse Sock5 Proxy written in C :V
ahmedkhlief/sliver
Adversary Emulation Framework
ahmedkhlief/test