armstrongcyber's repositories
atc-react
A knowledge base of actionable Incident Response techniques
awesome-incident-response
A curated list of tools for incident response
Blue-Team-Notes
Cloned in case they disappear
Business-Email-Compromise-Guide
The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.
C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
CarbonCopy
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
Conti-Leaked-Playbook-TTPs
MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
EXCELntDonut
Excel 4.0 (XLM) Macro Generator for injecting DLLs and EXEs into memory.
GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
hot-manchego
Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.
joplin
Joplin - an open source note taking and to-do application with synchronization capabilities for Windows, macOS, Linux, Android and iOS. Forum: https://discourse.joplinapp.org/
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
OnionIngestor
An extendable tool to Collect, Crawl and Monitor onion sites on the Tor network and index collected information on Elasticsearch
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
PSDecode
PowerShell script for deobfuscating encoded PowerShell scripts
Red-Baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
RootTheBox
A Game of Hackers (CTF Scoreboard & Game Manager)
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Simple-PHP-Web-Shell
Tiny PHP Web shell for executing Unix commands from a web page
sysmon-config
Sysmon configuration file template with default high-quality event tracing
ThreatHunting
An informational repo about hunting for adversaries in your IT environment.