Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

Personal compilation of APT malware from whitepaper releases, documents and own research

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

A repository of LIVE malwares for your own joy and pleasure

The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.

This is just a bunch of stuff I am messing around with, and need a place to keep it all.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

An Information Security Reference That Doesn't Suck

🔨 A multiple reverse shell session/client manager via terminal

Repo for random stuff

Online hash checker for Virustotal and other services

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

Self contained htaccess shells and attacks

Penetration Testing notes, resources and scripts

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

oscp study

A curated list of awesome threat detection and hunting resources

My musings with PowerShell

My implementation of enSilo's Process Doppelganging (PE injection technique)

The Seeker of IOC

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

The CALDERA automated adversary emulation system

A curated list of Awesome Threat Intelligence resources

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

List of awesome reverse engineering resources

A collection of information on threat actors and resources

Wiki to collect Red Team infrastructure hardening resources

A parser for Nessus (via API) and Nmap scans results

Python library to interact with the MITRE attack framework via the MITRE API

"Reverse Engineering for Beginners" free book