Lists (32)
ADVERSARY LANGUAGES
Alternative programming languages used by adversaries
AI
APP
C2:Loaders
CHEAT SHEETS
COLLECTION
COMMAND & CONTROL
List of C2 projects we've used at least once during assumed breach, threat emulation, and purple team exercise work.
CREDENTIAL ACCESS
CTI ANALYSIS
Tools for automating CTI analysis
DEFENSE EVASION
DEVSEC OPS
All things DevSecOps
DISCOVERY
EXECUTION
EXFILTRATION
INITIAL ACCESS
LATERAL MOVEMENT
LEARNING
MacOS
MALDOC
MOBILE
OSINT
PERSISTENCE
PIPELINES
PRIVILEGE ESCALATION
RANSOMWARE SIM
RECON
REPORTING
SMART CONTRACT TOOLS
TOOLS
This list includes offensive operations tooling that includes many TTPs
TTP
VULN ANALYSIS
WEB APPS
Open source web apps
Stars
Six Degrees of Domain Admin
BC-SECURITY / Empire
Forked from EmpireProject/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
Automation for internal Windows Penetration Test / AD-Security
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
A collection of scripts for assessing Microsoft Azure security
Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Adversary Tactics - PowerShell Training
PowerShell framework to assess Azure security
ConPtyShell - Fully Interactive Reverse Shell for Windows
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…
Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
Open source C2 server created for stealth red team operations
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Simple & Powerful PowerShell Script Obfuscator
Toolbox containing research notes & PoC code for weaponizing .NET's DLR
PowerShell Ransomware Simulator with C2 Server
Zero Infrastructure Password Cracking
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Some scripts to abuse kerberos using Powershell
Collection of OPSEC Tradecraft and TTPs for Red Team Operations