darmado

Follow

😀

Daniel darmado

😀

Follow

:)

19 followers · 93 following

@armadoinc
United States of America
21:26 (UTC -12:00)
@darmad0
in/darmado

Achievements

Achievements

Lists (32)

Sort

ADVERSARY LANGUAGES

Alternative programming languages used by adversaries

AI

27 repositories

APP

127 repositories

C2:Loaders

CHEAT SHEETS

20 repositories

COLLECTION

COMMAND & CONTROL

List of C2 projects we've used at least once during assumed breach, threat emulation, and purple team exercise work.

56 repositories

CREDENTIAL ACCESS

44 repositories

CTI ANALYSIS

Tools for automating CTI analysis

42 repositories

DEFENSE EVASION

111 repositories

DEVSEC OPS

All things DevSecOps

38 repositories

DISCOVERY

48 repositories

EXECUTION

EXFILTRATION

INITIAL ACCESS

17 repositories

LATERAL MOVEMENT

11 repositories

LEARNING

MacOS

22 repositories

MALDOC

MOBILE

OSINT

PERSISTENCE

12 repositories

PIPELINES

PRIVILEGE ESCALATION

37 repositories

RANSOMWARE SIM

RECON

26 repositories

REPORTING

SMART CONTRACT TOOLS

TOOLS

This list includes offensive operations tooling that includes many TTPs

50 repositories

TTP

VULN ANALYSIS

WEB APPS

Open source web apps

Stars

46 stars written in PowerShell

Mr-Un1k0d3r / AMSI-ETW-Patch

Patch AMSI and ETW

PowerShell 246 33 Updated May 8, 2024

troennes / private-secure-windows

Privacy and security baseline for personal Windows 10 and Windows 11

PowerShell 201 16 Updated Oct 2, 2023

palantir / exploitguard

Documentation and supporting script sample for Windows Exploit Guard

PowerShell 159 40 Updated Sep 8, 2025

WithSecureLabs / ppid-spoofing

Scripts for performing and detecting parent PID spoofing

PowerShell 146 20 Updated May 16, 2020

sailay1996 / SpoolTrigger

Weaponizing for privileged file writes bugs with PrintNotify Service

PowerShell 133 23 Updated May 17, 2022

fridgehead / Powershell-SSHTools

A bunch of useful SSH tools for powershell

PowerShell 119 14 Updated Oct 24, 2018

OTRF / Set-AuditRule

Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity

PowerShell 94 24 Updated Feb 2, 2022

microsoft / AzDetectSuite

A collection of ARM-based detections for Azure/AzureAD based TTPs

PowerShell 88 11 Updated Dec 12, 2023

nccgroup / PS2

A port scanner written purely in PowerShell.

PowerShell 80 11 Updated Sep 13, 2023

JoelGMSec / Invoke-Transfer

PowerShell Clipboard Data Transfer

PowerShell 72 9 Updated Sep 4, 2025

Atomics-on-A-Friday / Emulation-Tools

PowerShell 32 7 Updated Mar 21, 2023

tobor88 / CybereasonAPI

PowerShell module containing commands to easily interact with the Cybereason API.

PowerShell 16 6 Updated Sep 22, 2021

ricardojba / Invoke-GMSAPasswordReader

.Net Assembly loader for the GMSAPasswordReader

PowerShell 14 4 Updated Feb 15, 2023

0x00Check / Find-UserlandHooks

PowerShell script to find NTDLL functions that may be hooked by AV or EDR by comparing what exists on disk with the loaded ntdll module.

PowerShell 10 2 Updated Aug 7, 2022

tanc7 / ProtectMyTooling

Forked from mgeeky/ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

PowerShell 6 1 Updated Jan 3, 2023

gbragante / WMI-Scripts

WMI Scripts

PowerShell 5 2 Updated Oct 31, 2024