David B.'s repositories
.NET-Obfuscator
Lists of .NET Obfuscator (Free, Trial, Paid and Open Source )
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
CVE-2021-1675
C# and Impacket implementation of CVE-2021-1675/PrintNightmare
CVE-2021-1675-LPE
Local Privilege Escalation Edition for CVE-2021-1675
DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
DemoLab
A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
IntroLabs
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
KubiScan
A tool to scan Kubernetes cluster for risky permissions
LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Nebula
Cloud C2 Framework in the making
NET-Obfuscate
Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
Phant0m
Windows Event Log Killer
pivotnacci
A tool to make socks connections through HTTP agents
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PurpleCloud
Hybrid + Identity Cyber Range
pythonizing_nmap
A detailed guide showing you different ways you can incorporate Python into your workflows around Nmap.
rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
snoopy
Snoopy is a small library that logs all program executions on your Linux/BSD system (a.k.a. Snoopy Logger).
Sparkler
The tool creates a Microsoft Active Directory Domain with a structure and objects for learning.
terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
TortugaToolKit
Collection of some of my own tools with other great open source tools out there packaged into a powershell module