Use Dropbox as a command and control server. Perform data exfiltration.

Adversary Emulation Framework

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

A collection of sources of indicators of compromise.

Gather and update all available and newest CVEs with their PoC.

Shared lists of problem domains people may want to block with hosts files

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Universal MS Key Toolkit

A framework for developing alerting and detection strategies for incident response.

Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.

🔑KMS_VL_ALL - Smart Activation Script

Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Presentation material presented by Outflank team members at public events.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

The Damn Vulnerable Router Firmware Project

iOS emulator for Windows

Windows Recycle Bin analyser

eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)

AutoMacTC: Automated Mac Forensic Triage Collector

Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Sign…

安卓内核提权漏洞分析

https://twitter.com/itsreallynick/status/1120410950430089224

2018年初整理的一些内网渗透TIPS，后面更新的慢，所以整理出来希望跟小伙伴们一起更新维护~

aztarna, a footprinting tool for robots.