PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those fil…

Various Cheat Sheets

Automate the creation of a lab environment complete with security tooling and logging best practices

Reconnaissance tool for GitHub organizations

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Cmd.exe Command Obfuscation Generator & Detection Test Harness

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

Tool for extracting information from newly spawned processes

Teaching old shellcode new tricks

Automated Adversary Emulation Platform

Striker is an offensive information and vulnerability scanner.

Some useful scripts for CobaltStrike

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

Wiki to collect Red Team infrastructure hardening resources

Six Degrees of Domain Admin