Management tool for the information security management system / Outil de gestion du système de management de la sécurité de l'information

Your Everyday Threat Intelligence

Checklist of the most important security countermeasures when designing, testing, and releasing your API

SSH-MITM - ssh audits made simple

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Recover the default privilege set of a LOCAL/NETWORK SERVICE account

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Self contained htaccess shells and attacks

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

game of active directory

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

Credentials recovery project

A tool for checking if MFA is enabled on multiple Microsoft Services

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

secator - the pentester's swiss knife

Open Source Vulnerability Management Platform

A very small, very simple, yet very secure encryption tool.

Free and open log management

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 100+ global frameworks with automatic control mapping, incl…

All-in-One malware analysis tool.

A tool for checking the security hardening options of the Linux kernel

PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules and undertake various security tasks, all accessible …

Web recon script. No need to fear, sumrecon is here!

HardeningKitty and Windows Hardening Settings

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

Tools and Techniques for Blue Team / Incident Response