A collection of sources of documentation, as well as field best practices, to build/run a SOC
Updated Nov 13, 2024
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
This repository contains indicators of compromise (IOCs) of our various investigations.
Halberd: Multi-Cloud Attack Tool
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
A collection of intelligence about Log4Shell and its exploitation activity.
A Python app to predict ATT&CK tactics and techniques from cyber threat reports
Python script for periodically fetching appointment dates from the Trusted Traveler Program API for Global Entry, Nexus, SENTRI, and FAST, with notifications to the user when new appointments are discovered.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
TTP template for Cisco IOS "show run"
This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offers valuable resources for those focused on analyzing and understanding different types of malware.
Wiki to collect Red Team infrastructure hardening resources
A collection of commands, tools, techniques and procedures of the purplestorm CTF team.
Empire is a PowerShell and Python post-exploitation agent.