Lists (32)
ADVERSARY LANGUAGES
Alternative programming languages used by adversaries
AI
APP
C2:Loaders
CHEAT SHEETS
COLLECTION
COMMAND & CONTROL
List of C2 projects we've used at least once during assumed breach, threat emulation, and purple team exercise work.
CREDENTIAL ACCESS
CTI ANALYSIS
Tools for automating CTI analysis
DEFENSE EVASION
DEVSEC OPS
All things DevSecOps
DISCOVERY
EXECUTION
EXFILTRATION
INITIAL ACCESS
LATERAL MOVEMENT
LEARNING
MacOS
MALDOC
MOBILE
OSINT
PERSISTENCE
PIPELINES
PRIVILEGE ESCALATION
RANSOMWARE SIM
RECON
REPORTING
SMART CONTRACT TOOLS
TOOLS
This list includes offensive operations tooling that includes many TTPs
TTP
VULN ANALYSIS
WEB APPS
Open source web apps
Stars
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
A minimal, responsive, and feature-rich Jekyll theme for technical writing.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …
Fluxion is a remake of linset by vk496 with enhanced functionality.
Grab cam shots & GPS location from target's phone front camera or PC webcam just sending a link.
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
Canarytokens helps track activity and actions on your network.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
Collection of tools to build beautiful command line interface in different languages
OSINT Project. Collect information from a mail. Gather. Profile. Timeline.
Sticky notes for pentesting, bug bounty, CTF.
A python module for working with ATT&CK
HTML smuggling is not an evil, it can be useful
WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office365 users.
Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology