Stars
When good OAuth apps go rogue. Documents observed OAuth application tradecraft
Collection of Cyber Threat Intelligence sources from the deep and dark web
Research into Undocumented Behavior of Azure AD Refresh Tokens
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective β¦
Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
A reference containing Styles and Keywords that you can use with MidJourney AI. There are also pages showing resolution comparison, image weights, and much more!
Creation of a laboratory for malware analysis in AWS
My experiments in weaponizing Nim (https://nim-lang.org/)
Tool for Active Directory Certificate Services enumeration and abuse
You didn't think I'd go and leave the blue team out, right?
Pre-Built Vulnerable Environments Based on Docker-Compose
RedEye is a visual analytic tool supporting Red & Blue Team operations
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
Simple HTTP listener for security testing
Sandman is a NTP based backdoor for hardened networks.
A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
π A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
π§π»ββοΈ One theme. All platforms.
Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
A proof-of-concept malicious Chrome extension
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Adaptive DLL hijacking / dynamic export forwarding