Nuke It From Orbit - remove AV/EDR with physical access

Bounces when a fish bites - Evilginx database monitoring with exfiltration automation

🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.

A high-performance port spoofing tool built in Rust. Confuse port scanners with dynamic service emulation across all ports. Features customizable signatures, efficient async handling, and easy tra…

Additional active scan checks for BURP

Chrome extension for automating CSPT discovery

Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.

Sublime rules for email attack detection, prevention, and threat hunting.

The `boring` SSH tunnel manager

Awesome things from the community

A collection of projects designed to help developers quickly get started with building deployable applications using the Anthropic API

A stealthy ELF loader - no files, no execve, no RWX

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

Rapidly Search and Hunt through Windows Forensic Artefacts

Practical Windows Forensics Training

Repository of attack and defensive information for Business Email Compromise investigations

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit

Halberd : Multi-Cloud Security Testing Tool to execute attacks across multiple surfaces via a intuitive web interface.

A web application to streamline the development of STIGs from SRGs

Open Breach and Attack Simulation Platform

Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )

Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password strings, vulnerabilities, etc.

Java archive implant toolkit.

Create a break glass role for emergency use in order to limit AWS production account access. Configure automatic alerts and logging of activities in the role to secure its use in production environ…

A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.

Compliance automation framework, focused on SOC2

RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)