Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破（SSH、SMB、MsSQL等）、Socks代理，一键自动化+无文件落地扫描

Automates interactions with the Blum airdrop platform, including claiming rewards, managing farming sessions, completing tasks, and playing games.

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allo…

Artifact collection tool for *nix systems

C2 over google cloud storage buckets

Active Directory password filter featuring breached password checking and custom complexity rules

HookChain: A new perspective for Bypassing EDR Solutions

↕️🤫 Stealth redirector for your red team operation security

The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)

A resource containing all the tools each ransomware gangs uses

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Cli…

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

Awesome Security lists for SOC/CERT/CTI

Open Breach and Attack Simulation Platform

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

PoC - Authenticated Remote Code Execution in VMware vCenter Server (Exploit)

An aggressor script that can help automate payload building in Cobalt Strike

Scan files or process memory for CobaltStrike beacons and parse their configuration

Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )

Tools, tips, tricks, and more for exploring ICS Security.

This is a simulation of attack by (Ember Bear) APT group targeting energy Organizations in Ukraine the attack campaign was active from least March 2021, The attack chain starts wit spear phishing e…

Process hunting Toolkit is toolkit capable of hunting down malicious processes on Windows

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

ResearchDev - XDR & SIEM Detection

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios