fr0stb0lt

zellij

A terminal workspace with batteries included

atuin

✨ Magical shell history

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

updog

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

velociraptor

Digging Deeper....

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

pwncat

Fancy reverse and bind shell handler

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

Adalanche

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

SharpDPAPI

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

ldapnomnom

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

dissect

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

LAPSToolkit

Tool to audit and attack LAPS environments

SauronEye

Search tool to find specific files containing specific words, i.e. files containing passwords..

ForgeCert

"Golden" certificates

SOAPHound

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

SharpSCCM

A C# utility for interacting with SCCM

Live-Forensicator

A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)

crackerjack

CrackerJack / Hashcat Web Interface / Context Information Security

SharpKiller

Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8

rdp2tcp

rdp2tcp: open tcp tunnel through remote desktop connection.

bofhound

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

evilrdp

PSInject

Inject PowerShell into any process

LinikatzV2

linikatz is a tool to attack AD on UNIX

pyldapsearch

Tool for issuing manual LDAP queries which offers bofhound compatible output

CobaltStrike-Config

Repository for archiving Cobalt Strike configuration

awesome-osint

:scream: A curated list of amazingly awesome OSINT