Because AV evasion should be easy.

Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍

Windows Events Attack Samples

An informational repo about hunting for adversaries in your IT environment.

Rapidly Search and Hunt through Windows Forensic Artefacts

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Mapping of open-source detection rules and atomic tests.

A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.

The Hunting ELK

The Elastic stack (ELK) powered by Docker and Compose.

Elastic Security detection content for Endpoint

Gandcrab v5.2 decryption scripts

A list of free and open forensics analysis tools and other resources

Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.

Microsoft Software Download Listing

Automated Adversary Emulation Platform

The Browser Exploitation Framework Project

The Havoc Framework

CTF framework and exploit development library

Adversary Emulation Framework

Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Ghidra is a software reverse engineering (SRE) framework

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Main Sigma Rule Repository

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.