ad-control-paths

Active Directory Control Paths auditing and graphing tools

autorecon

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

bloodhound

Six Degrees of Domain Admin

breach-parse

A tool for parsing breached passwords

caido

🚀 Caido releases, wiki and roadmap

caldera

Automated Adversary Emulation Platform

captnsud0

covenant

Covenant is a collaborative .NET C2 framework for red teamers.

device-security-guidance-configuration-packs

This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These configurations are aimed primarily at government and other medium/large organisations.

ghidra

Ghidra is a software reverse engineering (SRE) framework

howler-api

Howler's API. Howler is an application that allows analysts to triage hits and alerts. It provides a way for analysts to efficiently review and analyze alerts generated by different analytics and detections.

impacket

Impacket is a collection of Python classes for working with network protocols.

lazagne

Credentials recovery project

ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

mitreattack-python

A python module for working with ATT&CK

netexec

The Network Execution Tool

peass-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

s1_manager

The tool for the advanced SentinelOne administrator

sctools

Tools for security content automation, baseline tailoring, and overlay development.

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sentinel-one-star-rules-threat-hunts

SentinelOne STAR Rules

sentinelone-api

Some Python SentinelOne API request examples and UI

sentinelone-threathunting-and-xdr-guide

Beginners Guide to Hunting for Threats

sharpmapexec

CrackMapExec in CSharp

sliver

Adversary Emulation Framework

sn1per

Attack Surface Management Platform

snaffler

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

viper

Binary analysis framework

windows_event_logging

Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.