Adversary tradecraft detection, protection, and hunting

Chromium fork named after radioactive element No. 90. Windows and MacOS/Raspi/Android/Special builds are in different repositories, links are towards the top of the README.md.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

A collection of android security related resources

An HTTP toolkit for security research.

Cross-Platform Keystroke Launcher

Creates github index for similar repositories discovery

Globally-distributed applications with Microsoft Azure - Free e-book

OWASP ASVS checklist for audits

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Mimikatz implementation in pure Python

Solo 1 firmware in C

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Most advanced XSS scanner.

.NET runtime inspector

Perform various SMB-related attacks, particularly useful for testing large Active Directory environments.

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Cure53 Browser Security White Paper

PassFiltEx. An Active Directory Password Filter.

High-precision indoor positioning framework, version 3.

The Hunting ELK

better(?) xargs in go

Fort Firewall for Windows

Windows kernel-mode driver for controlling access to various input devices.

Windows Sandbox Tool - Trustworthy Computing

Fabulously kill processes. Cross-platform.

A repository of sysmon configuration modules