sec
An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Writeups for HacktheBox 'boot2root' machines
A threaded, recursive, web directory brute-force scanner over HTTP/2.
Android application compatible with ZX2C4's Pass command line application
(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
proxychains - a tool that forces any TCP connection made by any given application to follow through a proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real-life apps, and reading research and news.
WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
This project aims to compare and evaluate the telemetry of various EDR products.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Threat Hunting queries for various attacks
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)