Code included as part of the MustLearnKQL blog series

AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project

List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point.

Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

Credentials recovery project

Tool for Active Directory Certificate Services enumeration and abuse

Simple GUI for Microsoft Defender for Endpoint API machine actions in PowerShell.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A Tool for Domain Flyovers

Enumerate information from NTLM authentication enabled web endpoints 🔎

User Enumeration of Microsoft Teams users via API

PDF Parser : fork with Python 2+3 support using six

a drop-in replacement for Nmap powered by shodan.io

In-depth attack surface mapping and asset discovery

DNS Enumeration Script

Fierce.pl Domain Scanner

Daemon to ban hosts that cause multiple authentication errors

Portspoof

A PowerShell module to deploy active directory decoy objects.

Actionable analytics designed to combat threats

GHOSTS is a realistic user simulation framework for cyber simulation, training, and exercise

Capture Screen, Audio, Cursor, Mouse Clicks and Keystrokes

A USBStealer program that works in every windows OS, this program extracts all windows passwords

Six Degrees of Domain Admin

PowerShell Digital Forensics & Incident Response Scripts.

Digging Deeper....

GRR Rapid Response: remote live forensics for incident response

Small and highly portable detection tests based on MITRE's ATT&CK.