Community curated list of templates for the nuclei engine to find security vulnerabilities.

JA4+ is a suite of network fingerprinting standards

Search and browse documents and data; find the people and companies you look for.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

📥 A Telegram toolkit written in Golang

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

Attack Surface Management Platform

web development for the rest of us

The entrance repository of Markdown presentation ecosystem

Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

Elasticsearch File System Crawler (FS Crawler)

ADCS abuser

hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The ro…

NetSPI PowerShell Scripts

This repository has the JSON file required to perform user enumeration on various websites.

Template-Driven AV/EDR Evasion Framework

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

Active Directory certificate abuse.

StandIn is a small .NET35/45 AD post-exploitation toolkit

Tool for Active Directory Certificate Services enumeration and abuse

Tools for Kerberos PKINIT and relaying to AD CS