rick-ridgley

Microsoft-Activation-Scripts

A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

CCTV

Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration. Offering precise tracking within 50-100 meters, users can monitor others in real-time for logistics or safety, redefining how we navigate our surroundings

bleak

A cross platform Bluetooth Low Energy Client for Python using asyncio

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

CursedChrome

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

LDAPmonitor

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

Macro-Deck

Macro Deck transforms your phone, tablet, or any device equipped with a modern internet browser into an efficient remote macro pad. With this tool, you can execute single or multi-step actions seamlessly with just a single tap.

incident-response-plan-template

A concise, directive, specific, flexible, and free incident response plan template

Open-source-tools-for-CTI

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

RansomLord

RansomLord is a proof-of-concept Anti-Ransomware exploitation tool that automates the creation of PE files, used to compromise ransomware pre-encryption.

SharpADWS

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

Evilginx3-Phishlets

This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.

BadZure

BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.

starbase

Graph-based security analysis for everyone

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

The_Shelf

Retired TrustedSec Capabilities

CTI-Analyst-Challenge

An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.

gcpwn

Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot

definitive-guide-kql

Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL

CSPReconGO

awesome-playbooks

A curated repository of incident response playbooks

workflows

🛠️ Workflows created by the community

dvka

Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.

SarlackLab

SecOpsSamples

Sample SecOps scripts and Utilities

GPSBL

TaniumResources