ATT&CK Sync helps teams keep up with the latest version of ATT&CK, saving time and effort for all.
Get ready for an epic showdown between a seasoned pentester and a skilled SOC analyst!
Cloud-native SIEM for intelligent security analytics for your entire enterprise. - Azure-Sentinel/Solutions/Microsoft Defender Threat Intelligence/Playbooks at master · Azure/Azure-Sentinel
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs. - GitHub - iknowjason/Awesome-CloudSec-Labs
Microsoft's decision to disable macros by default last year has forced hacking crews to find new, and sometimes old, ways to get a foothold.
Automated DLL Sideloading Tool With EDR Evasion Capabilities - GitHub - georgesotiriadis/Chimera
A tool to recover content from files encrypted with intermittent encryption - GitHub - cyberark/White-Phoenix
An evolving how-to guide for securing a Linux server. - GitHub - imthenachoman/How-To-Secure-A-Linux-Server
Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces - GitHub - boringthegod/postmaniac
Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC. - GitHub - CERN-CERT/pDNSSOC
Strategic threat intelligence involves gathering and analyzing information to identify potential threats to an organization's security. This proactive
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - GitHub - swisskyrepo/PayloadsAllTheThings
Typically when you’re starting out on your red teaming journey, a goal on an Internal Penetration Test or maybe even the ultimate goal is to compromise the Windows Active Directory Domain. Getting to that goal is always fun and the “boss” feeling of doing it is unexplainable, particularly if it is your first time achieving it. But does it end there? We achieved the big bad so surely the engagement is basically over, right? Pack it up, go home and get that report done? WRONG!
Thank you for the love and feedback on my previous article. This weekend, I had several ideas for topics to write about but was…
Automated Penetration Testing Reporting System. - GitHub - Anof-cyber/APTRS
Rapidly Search and Hunt through Windows Forensic Artefacts - GitHub - WithSecureLabs/chainsaw
Investigate malicious Windows logon by visualizing and analyzing Windows event log - GitHub - JPCERTCC/LogonTracer
Threat Hunting tool about Sysmon and graphs. - GitHub - lucky-luk3/Grafiki
A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark. - GitHub - karimhabush/cis-vsphere