Stars
The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Access Model.
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
Investigation of ACL abuse in Active Directory Certificate Services (AD CS)
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Red Teaming Tactics and Techniques
Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
A Kerberos implementation built entirely in managed code.
getsystem via parent process using ps1 & embedded C#
This repository is used for Windows client for IT Pro content on Microsoft Learn.
A repository for using Windows Event Forwarding for incident detection and response
.NET library creating ssh agent and client applications (works with both PuTTY/Pageant and OpenSSH)
cobbr / ObfuscatedEmpire
Forked from EmpireProject/Empire
ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into its functionality.
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
darkoperator / SIMP
Forked from NationalSecurityAgency/SIMP
Information Repository for SIMP
Fast and powerful SSL/TLS scanning library.
unofficial/unsupported/experimental git export of https://sshnet.codeplex.com/
Script for Ubuntu/BackTrack for MSDN Enumeration using Avahi-Utils
PowerShell Module with Security cmdlets for security work
Collection of single use scripts I wrote for Windows forensics
Ruby interface to the VMware vSphere API.
Plugins for Metasploit Framework
Meterpreter Scripts that I'm working on