IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228

Sample queries for Advanced hunting in Microsoft 365 Defender

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Test tool for CVE-2020-1472

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

Script to fetch data from virustotal and add it to a specific event as an object

AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project

JShell - Get a JavaScript shell with XSS.

BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework

Official Black Hat Arsenal Security Tools Repository

A collection of open source and commercial tools that aid in red team operations.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

HTA encryption tool for RedTeams

Frontpage and Sharepoint fingerprinting and attack tool.

A tool to abuse Exchange services

A toolset to make a system look as if it was the victim of an APT attack

IP-Biter: The Hacker-friendly E-Mail (but not only) Tracking Framework