SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Automation to assess the state of your M365 tenant against CISA's baselines

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat …

Map tracking ransomware, by OCD World Watch team

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

🍯 T-Pot - The All In One Honeypot Platform 🐝

This contain my personal config files. Here you'll find configs, customizations, themes, and whatever I need to customize my OS experience.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

Cybersecurity Evaluation Tool

Defanged Indicator of Compromise (IOC) Extractor.

The Official Packet Squirrel Payload Repository

A collection of sources of documentation, as well as field best practices, to build/run a SOC

The Official Bash Bunny Payload Repository

SIEM Tactics, Techiques, and Procedures

The Official USB Rubber Ducky Payload Repository

Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

Azure Sentinel KQL

fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

Proxmox VE Helper-Scripts

Small and highly portable detection tests based on MITRE's ATT&CK.

Ghidra is a software reverse engineering (SRE) framework

Open Cyber Threat Intelligence Platform

The FLARE team's open-source tool to identify capabilities in executable files.

CTFs as you need them

An open repo for Azure Monitor queries, workbooks, alerts and more