{"payload":{"pageCount":1,"repositories":[{"type":"Public","name":"edc","owner":"threatexpress","isFork":false,"description":"Event Data Collector","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":7,"issueCount":0,"starsCount":35,"forksCount":7,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-04T19:48:09.603Z"}},{"type":"Public","name":"domainhunter","owner":"threatexpress","isFork":false,"description":"Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":2,"issueCount":6,"starsCount":1518,"forksCount":287,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-06T21:01:21.619Z"}},{"type":"Public","name":"malleable-c2","owner":"threatexpress","isFork":false,"description":"Cobalt Strike Malleable C2 Design and Reference Guide","allTopics":[],"primaryLanguage":null,"pullRequestCount":1,"issueCount":2,"starsCount":1579,"forksCount":292,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-12-13T17:14:22.576Z"}},{"type":"Public","name":"threat-mitigation","owner":"threatexpress","isFork":false,"description":"Threat Mitigation Strategies","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":23,"forksCount":10,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-05T04:39:55.972Z"}},{"type":"Public","name":"threatexpress","owner":"threatexpress","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"HTML","color":"#e34c26"},"pullRequestCount":0,"issueCount":0,"starsCount":11,"forksCount":4,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-02-08T18:10:42.845Z"}},{"type":"Public","name":"cs2modrewrite","owner":"threatexpress","isFork":false,"description":"Convert Cobalt Strike profiles to modrewrite scripts","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":2,"issueCount":1,"starsCount":578,"forksCount":113,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-01-30T17:47:51.254Z"}},{"type":"Public","name":"random_c2_profile","owner":"threatexpress","isFork":false,"description":"Cobalt Strike random C2 Profile generator","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":618,"forksCount":87,"license":"GNU General Public License v3.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-01-05T21:17:00.024Z"}},{"type":"Public","name":"redteamguide","owner":"threatexpress","isFork":false,"description":"Home of <a href=\"https://redteam.guide\" rel=\"nofollow\">https://redteam.guide</a>","allTopics":[],"primaryLanguage":{"name":"JavaScript","color":"#f1e05a"},"pullRequestCount":0,"issueCount":0,"starsCount":11,"forksCount":8,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-09-19T12:44:31.387Z"}},{"type":"Public","name":"metatwin","owner":"threatexpress","isFork":false,"description":"The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.","allTopics":[],"primaryLanguage":{"name":"HTML","color":"#e34c26"},"pullRequestCount":1,"issueCount":2,"starsCount":324,"forksCount":67,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-05-18T18:32:51.116Z"}},{"type":"Public","name":"cobaltstrike_payload_generator","owner":"threatexpress","isFork":false,"description":"Quickly generate every payload type for each listener and optionally host via HTTP. ","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":16,"forksCount":3,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-08-23T18:08:30.702Z"}},{"type":"Public","name":"aggressor-scripts","owner":"threatexpress","isFork":false,"description":"Cobalt Strike Aggressor Scripts","allTopics":[],"primaryLanguage":{"name":"JavaScript","color":"#f1e05a"},"pullRequestCount":0,"issueCount":0,"starsCount":139,"forksCount":23,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-08-02T01:01:05.609Z"}},{"type":"Public","name":"mythic2modrewrite","owner":"threatexpress","isFork":false,"description":"Generate Apache mod_rewrite rules for Mythic C2 profiles","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":26,"forksCount":3,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-07-22T19:22:06.572Z"}},{"type":"Public","name":"pasties","owner":"threatexpress","isFork":false,"description":"A collection of random bits of information common to many individual penetration tests, red teams, and other assessments","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":0,"starsCount":106,"forksCount":33,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-04-21T01:45:27.879Z"}},{"type":"Public","name":"threatbox","owner":"threatexpress","isFork":false,"description":"ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.","allTopics":[],"primaryLanguage":{"name":"Smarty","color":"#f0c040"},"pullRequestCount":0,"issueCount":1,"starsCount":71,"forksCount":12,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2020-02-27T15:34:24.507Z"}},{"type":"Public","name":"red-team-scripts","owner":"threatexpress","isFork":false,"description":"A collection of Red Team focused tools, scripts, and notes","allTopics":[],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":0,"issueCount":0,"starsCount":1105,"forksCount":191,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2019-11-18T05:30:18.021Z"}},{"type":"Public","name":"portplow","owner":"threatexpress","isFork":false,"description":"PortPlow is a distributed port and system scanning &amp; enumeration service. It enables the quick and automated enumeration of ports and services from multiple systems managed by a central console.","allTopics":[],"primaryLanguage":{"name":"JavaScript","color":"#f1e05a"},"pullRequestCount":0,"issueCount":0,"starsCount":53,"forksCount":10,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2018-08-01T18:05:14.446Z"}},{"type":"Public","name":"procdot_sandbox","owner":"threatexpress","isFork":false,"description":"ProcDot Malware Sandbox","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":21,"forksCount":6,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2018-07-11T04:26:56.148Z"}},{"type":"Public","name":"tools","owner":"threatexpress","isFork":false,"description":"Tools","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2018-06-29T08:02:54.612Z"}},{"type":"Public","name":"tinyshell","owner":"threatexpress","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":1,"starsCount":167,"forksCount":36,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2018-01-31T12:43:11.582Z"}},{"type":"Public","name":"invoke-pipeshell","owner":"threatexpress","isFork":false,"description":"SMB Named Pipe shell","allTopics":[],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":0,"issueCount":0,"starsCount":63,"forksCount":15,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2017-01-30T21:04:05.938Z"}},{"type":"Public","name":"subshell","owner":"threatexpress","isFork":false,"description":"SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interface to the remote webshells.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":72,"forksCount":15,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2016-11-06T16:00:48.230Z"}},{"type":"Public","name":"persistence-aggressor-script","owner":"threatexpress","isFork":true,"description":"initial commit","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":42,"forksCount":57,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2016-09-30T23:10:42.501Z"}}],"repositoryCount":22,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"threatexpress repositories"}