irq8

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

sigma

Main Sigma Rule Repository

windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Red-Team-Infrastructure-Wiki

Wiki to collect Red Team infrastructure hardening resources

ThreatHunter-Playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

APT_CyberCriminal_Campagin_Collections

APT & CyberCriminal Campaign Collection

ivre

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.

Privilege-Escalation

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Ghost

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

resources

A general collection of information, tools, and tips regarding CTFs and similar security competitions

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Dr0p1t-Framework

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

RedHunt-OS

Virtual Machine for Adversary Emulation and Threat Hunting

SafetyKatz

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

iSniff-GPS

Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices

APT_Digital_Weapon

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

DFIRMindMaps

A repository of DFIR-related Mind Maps geared towards the visual learners!

cortana-scripts

A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.

flashsploit

Exploitation Framework for ATtiny85 Based HID Attacks

c2db

c2 traffic

pOSINT

Gather Open-Source Intelligence using PowerShell.

fractalrabbit

Simulate realistic trajectory data seen through sporadic reporting

BeaconGraph

Graph visualization of wireless client and access point relationships

files

cortana

This is a pack of Cortana scripts commonly used on our pentests.

deobfuscate

Python script to automatically deobfuscate malware code

CloudFail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network