This project collects third-party binaries and libraries commonly found in business environments which can be leveraged to execute commands, manipulate files, bypass AppLocker and much more.
Updated Nov 25, 2022
Monitoring Stack Overflow Enterprise for exposed secrets
Personal Bloodhound Community Edition notes
Home lab involving an AD domain controller, a domain-joined Windows machine, and a firewall with IDS/IPS, all feeding event logs to EDR and security monitoring solutions. The objective of the project is to learn how to detect, respond to and protect against emerging threats and to observe attack patterns by emulating attacks against virtualized endpoints.
Documentation of the Red vs Blue project from the CWRU Cybersecurity course.
SWI Prolog code for research into identifying Command and Control (C2) channels with analysis of timestamps
ARTiC2 Atomics includes PowerShell scripts executed with Python controllers and loaded with boolang via .NET CLR.
PurpleSharpEnhanced is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
All-In-One: Purple Teaming Exercises with Open-Source Tools
Security Labs
A collection of Terraform and Ansible scripts that automatically (and quickly) deploy a small HELK R&D lab in Azure.
A simple PowerShell script to execute one-liner commands in Windows
Documentation of the Final Project from the CWRU Cybersecurity course.
A group of simple scripts in Python and shell to zip up interesting credentials or other data and post them to lightweight DNS and HTTP listeners. Shows a POC and can be used to test SIEM triggers.
A forked version of Atomic YAML instructions and technique dependencies used by ARTiC2 controllers to construct and execute red team atomic test cases from memory
This is a collection of various Wazuh detection rules for vulnerabilities, malware and adversary emulations.
AWS Lambda functions of OWASP PurpleTeam