jez-github Goto Github PK

adaclscanner

Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory

amass

In-depth Attack Surface Mapping and Asset Discovery

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

badblood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

bloodhound

Six Degrees of Domain Admin

crowdstrike-falcon-queries

A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

event-forwarding-guidance

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

flipperzero-3d-models

Flipper Zero 3D models

gobuster

Directory/File, DNS and VHost busting tool written in Go

hawk

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

homebrew-pentest

Homebrew Tap - Pen Test Tools

ics-pcap

A collection of ICS/SCADA PCAPs

ics-pentesting-tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing

ics-security-tools

Tools, tips, tricks, and more for exploring ICS Security.

invoke-obfuscation

PowerShell Obfuscator

letsmapyournetwork

Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error

logontracer

Investigate malicious Windows logon by visualizing and analyzing Windows event log

microsoft-user-security-evaluation-reporter

Evaluating and Reporting on Azure Active Directory/Active Directory Users Security Posture

mitaka

A browser extension for OSINT search

o365-activityfeed-azurefunction

Azure function that processes incoming notifications from the O365 Activity API

o365-investigationtooling

purplesharp

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

red_team_tool_countermeasures

scadapass

SCADA StrangeLove Default/Hardcoded Passwords List

scavenger

scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sherlock

🔎 Hunt down social media accounts by username across social networks

shodan-filters

A list of shodan filters

social_mapper

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

solarflare

SolarWinds Orion Account Audit / Password Dumping Utility