armstrongcyber Goto Github PK

atc-react

A knowledge base of actionable Incident Response techniques

awesome-incident-response

A curated list of tools for incident response

backup-of-ransomchats

blue-team-notes

Cloned incase they disappear

business-email-compromise-guide

The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.

c3

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

carboncopy

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

conti-leaked-playbook-ttps

MITRE TTPs derived from Conti's leaked playbooks from XSS.IS

excelntdonut

Excel 4.0 (XLM) Macro Generator for injecting DLLs and EXEs into memory.

gtfobins.github.io

Curated list of Unix binaries that can be exploited to bypass system security restrictions

hot-manchego

Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.

installerfiletakeover

joplin

Joplin - an open source note taking and to-do application with synchronization capabilities for Windows, macOS, Linux, Android and iOS. Forum: https://discourse.joplinapp.org/

lolbas

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

malleable-c2

Cobalt Strike Malleable C2 Design and Reference Guide

onioningestor

An extendable tool to Collect, Crawl and Monitor onion sites on tor network and index collected information on Elasticsearch

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pentest-cheatsheets

probable-wordlists

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

psdecode

PowerShell script for deobfuscating encoded PowerShell scripts

red-baron

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

red-team-infrastructure-wiki

Wiki to collect Red Team infrastructure hardening resources

rootthebox

A Game of Hackers (CTF Scoreboard & Game Manager)

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sharpersist

simple-php-web-shell

Tiny PHP Web shell for executing unix commands from web page

sysmon-config

Sysmon configuration file template with default high-quality event tracing

threathunting

An informational repo about hunting for adversaries in your IT environment.