sopsmattw

the-book-of-secret-knowledge

:dizzy: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.

1337-Noms-The-Hacker-Cookbook

food food food

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

adaudit

Powershell script to do domain auditing automation

AggressorScripts

Aggressor scripts for use with Cobalt Strike 3.0+

ANGRYPUPPY

Bloodhound Attack Path Automation in CobaltStrike

arsenal

Arsenal is just a quick inventory and launcher for hacking programs

beef

The Browser Exploitation Framework Project

blog

Frommelmak's blog

Covenant

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.

CredsLeaker

CVE-2020-1472

Test tool for CVE-2020-1472

DARKSURGEON

DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.

epd-library-python

Python libraries for Waveshare e-paper series 1.54"/1.54" B/2.13"/2.13" B/2.7"/2.7" B/2.9"/2.9" B/4.2"/4.2" B/7.5"/ 7.5" B

EvilOSX

A pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.

grr

GRR Rapid Response: remote live forensics for incident response

Malleable-C2-Randomizer

A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls

malware-gems

A not so awesome list of malware gems for aspiring malware analysts

Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Misc-Powershell-Scripts

Random Tools

NessusV7-Report-Export-PowerShell

Automated Powershell Script to export NessusPro V7 or Nessus IO Scanner Reports - Nessus API

nuxhash

A NiceHash cryptocurrency mining client for Linux.

OpenPasswordFilter

An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.

PANhunt

PANhunt searches for credit card numbers (PANs) in directories.

Privilege-Escalation

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Probable-Wordlists

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Red-Teaming-Toolkit

A collection of open source and commercial tools that aid in red team operations.

redteam-research

Collection of PoC and offensive techniques used by the BlackArrow Red Team

sof-elk

Configuration files for the SOF-ELK VM, used in SANS FOR572

UhOh365

A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.