me009's Stars
maxDcb/C2TeamServer
TeamServer and Client of Exploration Command and Control Framework
WithSecureLabs/cloud-security-vm
Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
triw0lf/HEARTH
Hunting Exchange And Research Threat Hub
Offensive-Panda/ShadowDumper
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing access to sensitive data in LSASS memory.
AirbusProtect/AD-Canaries
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
palantir/alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
D4RK-4RMY/DARKARMY
DARKARMY Hacking Tools Pack - A Penetration Testing Framework.
Galeax/CVE2CAPEC
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
CyberSecurityUP/Red-Team-Exercises
TheCloudScout/m365defender-adx
pmaillot/X32-Behringer
This Git repo (C language) holds applications and utilities for the Behringer X32 and M32 mixing consoles. Additional details, documentation, implementation examples and apps can be found on my website:
An0nUD4Y/AV-EDR-Lab-Environment-Setup
AV/EDR lab environment setup references to help in malware development
TheCloudScout/expertsliveEU
crocodyli/ThreatActors-TTPs
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
lkarlslund/nifo
Nuke It From Orbit - remove AV/EDR with physical access
wolfcod/lsassdump
lsassdump via RtlCreateProcessReflection and NanoDump
tsale/EDR-Telemetry-Website
cpu0x00/Ghost
Evasive shellcode loader
TaurusOmar/psobf
PowerShell Obfuscator
SlimKQL/Hunting-Queries-Detection-Rules
KQL Queries. Microsoft Defender, Microsoft Sentinel
tvfischer/ps-srum-hunting
PowerShell script to facilitate the processing of SRUM data for on-the-fly forensics and, if needed, threat hunting
nianticlabs/venator
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
SamErde/PowerShell
PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️
WithSecureLabs/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
t-tani/defender2yara
Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
PaloAltoNetworks/cobra-tool
Cloud Offensive Breach and Risk Assessment (COBRA) Tool
Pennyw0rth/NetExec-Lab
Lab used for workshop and CTF
techBrandon/DC32-GOAD
SafeBreach-Labs/WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
microsoft/EventLogExpert