Beast code in Giters

Matt Kelly's starred repositories

deepdarkCTI

Collection of Cyber Threat Intelligence sources from the deep and dark web

GPL-3.0419900

logging-log4j2

Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.

Language:JavaApache-2.0332800

VmdkReader

.NET 4.0 Console App to browse VMDK / VHD images and extract files

Language:C#18700

weaponize_splunk

Weaponizing Splunk Presentation including Splunk Apps for penetration testing.

BSD-3-Clause5000

Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.

Language:Python44500

SharpShooter

Payload Generation Framework

Language:VBABSD-3-Clause178100

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

Language:PowerShell187900

danderspritz-evtx

Parse evtx files and detect use of the DanderSpritz eventlogedit module

Language:Python14200

pcodedmp

A VBA p-code disassembler

Language:PythonGPL-3.044800

PenTesting-Scripts

A ton of helpful tools

Language:PowerShell33200

PowerLurk

Malicious WMI Events using PowerShell

Language:PowerShell36200

echidna

Language:PythonMIT1700

HoneypotBuster

Language:PowerShell27800

Out-FINcodedCommand

POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's stdin command invocation capabilities

Language:PowerShell10200

OpenPasswordFilter

An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.

Language:C#GPL-2.038500

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Language:PythonGPL-3.0527300

7Zip4Powershell

Powershell module for creating and extracting 7-Zip archives

Language:C#LGPL-2.139200

SlackShell

PowerShell to Slack C2

Language:PowerShellBSD-3-Clause10900

Red-Team-Infrastructure-Wiki

Wiki to collect Red Team infrastructure hardening resources

BSD-3-Clause404400

cracklord

Queue and resource system for cracking passwords

Language:GoMIT38200

BloodHound

Six Degrees of Domain Admin

Language:PowerShellGPL-3.0967400

PyKerberoast

Implementing Kerberoast attack fully in python

Language:Python7200

CimSweep

CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.

Language:PowerShellBSD-3-Clause63800

PowerCat

A PowerShell TCP/IP swiss army knife.

Language:PowerShellBSD-3-Clause55700

EmPyre

A post-exploitation OS X/Linux agent written in Python 2.7

Language:PythonBSD-3-Clause86300

JEA

Just Enough Administration

Language:PowerShellMIT25500

p0wnedShell

PowerShell Runspace Post Exploitation Toolkit

Language:C#BSD-3-Clause151900

ADAudit

Windows PowerShell module to help in the auditing of Active Directory environments.

BSD-3-Clause4900

breakersall