Tony B's repositories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
APTnotes
Various public documents, whitepapers and articles about APT campaigns
archetypes
䷴ Universal, rule-based business collaboration APIs for e-commerce and customer relationship management (CRM).
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
CredKing
Password spraying using AWS Lambda for IP rotation
CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
data
APTnotes data
FiercePhish
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
gitleaks
Audit git repos for secrets 🔑
GreatSCT
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
metasploit-framework
Metasploit Framework
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
offensive
tools for work
offensiveinterview
Interview questions to screen offensive (red team/pentest) candidates
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
Red-Baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
repo-security-scanner
CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
shadowbroker
The Shadow Brokers "Lost In Translation" leak
stack-overflow-copy-paste
Utility functions copy/pasted (and modified slightly) from Stack Overflow
Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
veris
Vocabulary for Event Recording and Incident Sharing (VERIS)