Stars
This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you select the EVTX file and specify a time for correlating login and…
Open Attack Simulation & Security Validation Platform
Harden Windows Safely, Securely using Officially Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
Attack and defend Active Directory using modern post-exploitation adversary tradecraft activity
Instructions for hacking and cloning RFID cards
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
The Microsoft Teams Emergency Operations Center (TEOC) solution template leverages the power of the Microsoft 365 platform to centralize incident response, information sharing and field communicati…
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…
cve-search - a tool to perform local searches for known vulnerabilities
Python tool for converting files and office documents to Markdown.
Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
Uncover the true IP address of websites safeguarded by Cloudflare & Others
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
A client to gather vulnerability-related information from the Fediverse.
Logging Made Easy (LME) is a no-cost, open-source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations s…
ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
Tool to guess CPE name based on common software name
Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024
Obfuscated Penetration Testing PowerShell scripts
A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure …