tigr0w's repositories
BC-SECURITY_Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
BishopFox_sliver
Adversary Emulation Framework
carloslack_KoviD
Kernel rk
CheckPointSW_Evasions
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
darkoperator_dnsrecon
DNS Enumeration Script
DataDog_KubeHound
Kubernetes Attack Graph
diversenok_TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
e-m-b-a_emba
EMBA - The firmware security analyzer
espressif_esp-idf
Espressif IoT Development Framework. Official development framework for Espressif SoCs.
Flangvik_ObfuscatedSharpCollection
Attempt at an obfuscated version of SharpCollection
Flangvik_TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
fortra_No-Consolation
A BOF that runs unmanaged PEs inline
gtworek_PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
hasherezade_hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
hasherezade_pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
infosecB_LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes.
kubescape
kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by the NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)
lsecqt_OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
memN0ps_hypervisor-rs
Rusty Hypervisor - Windows Blue Pill Type-2 Hypervisor in Rust
Processus-Thief_HEKATOMB
Hekatomb is a Python script that connects to an LDAP directory to retrieve information on all computers and users. It then downloads all DPAPI blobs of all users from all computers and uses domain backup keys to decrypt them.
rabbitstack_fibratus
A modern tool for Windows kernel exploration and tracing with a focus on security
rapid7_metasploit-framework
Metasploit Framework
SpecterOps_Nemesis
An offensive data enrichment pipeline
stackrox_stackrox
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.
TheNitek_CatGFX
Adafruit GFX compatible Arduino library for using cat thermal printers with the ESP32
vivier_phomemo-tools
CUPS driver for Phomemo M02 Label Printer
xforcered_ADOKit
Azure DevOps Services Attack Toolkit
Yamato-Security_hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.