This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository…

PowerShell tools to help defenders hunt smarter, hunt harder.

ShellSweeping the evil.

M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response capabilities.

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Automation to assess the state of your M365 tenant against CISA's baselines

Examine Chrome extensions for security issues

NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.

Indicators of Compromises (IOC) of our various investigations

DarkFlare Firewall Piercing (TCP over CDN)

Cross-platform application to open any website or media in a floating window

A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters to share knowledge, collaborate on techniques, and advance t…

📚 A Curated List of Awesome Telegram OSINT Tools, Sites & Resources

https://registry.terraform.io/providers/CrowdStrike/crowdstrike/latest/docs

Suricata, Snort and Zeek IDS rule and pcap testing system

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …

SSH tarpit that slowly sends an endless banner

Full Toolkit for Next-Level Domain Analysis

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

OCSF Schema

Cuckoo3 is a Python 3 open source automated malware analysis system.

Technitium DNS Server

Automated threat intel feed parsing and consolidation💻👾🤖

A list of online news & info sources in the InfoSec/Cybersecurity space

This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…

Python support for Flipper Zero