Threat Express's repositories
malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
red-team-scripts
A collection of Red Team focused tools, scripts, and notes
random_c2_profile
Cobalt Strike random C2 Profile generator
cs2modrewrite
Convert Cobalt Strike profiles to modrewrite scripts
aggressor-scripts
Cobalt Strike Aggressor Scripts
threatbox
ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.
invoke-pipeshell
SMB Named Pipe shell
persistence-aggressor-script
initial commit
mythic2modrewrite
Generate Apache mod_rewrite rules for Mythic C2 profiles
threat-mitigation
Threat Mitigation Strategies
procdot_sandbox
ProcDot Malware Sandbox
cobaltstrike_payload_generator
Quickly generate every payload type for each listener and optionally host via HTTP.
redteamguide
Home of https://redteam.guide