Pinned Repositories
aad-sso-enum-brute-spray
POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
Amsi-Killer
Lifetime AMSI bypass
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
azure-cdn-ips
List of Azure CDN IP Addresses
Azure-Red-Team
Azure Security Resources and Notes
secAnalyst's Repositories
secAnalyst/Amsi-Killer
Lifetime AMSI bypass
secAnalyst/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
secAnalyst/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
secAnalyst/azure-cdn-ips
List of Azure CDN IP Addresses
secAnalyst/Azure-Red-Team
Azure Security Resources and Notes
secAnalyst/Azure_Workshop
secAnalyst/BITB
Browser In The Browser (BITB) Templates
secAnalyst/bl-bfg
secAnalyst/C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
secAnalyst/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
secAnalyst/Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
secAnalyst/Cloud-AWS
A collection of projects supporting AWS Integration
secAnalyst/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
secAnalyst/evilgophish
evilginx2 + gophish
secAnalyst/GCTI
secAnalyst/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
secAnalyst/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
secAnalyst/Nimcrypt2
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
secAnalyst/nmapAutomator
A script that you can run in the background!
secAnalyst/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
secAnalyst/psfalcon
PowerShell for CrowdStrike's OAuth2 APIs
secAnalyst/recon-ng
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
secAnalyst/RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
secAnalyst/RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
secAnalyst/RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
secAnalyst/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
secAnalyst/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
secAnalyst/sliver
Adversary Emulation Framework
secAnalyst/sysmon-config
Advanced Sysmon ATT&CK configuration, Installer & Auto Updater with high-quality event tracing
secAnalyst/sysmon-modular
A repository of sysmon configuration modules