Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science

A Python script that uses a custom statistical measure Range Coverage Ratio (RCR) to determine the use of payload/data jitter in a C2 agent

magnum opus c2 threat emulation framework

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Indicators of Compromise (IOCs) from malware or suspicious network traffic

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

Tools for working with Zeek logs

Extracts fields from zeek logs, compatible with zeek-cut

Proxmox VE Helper-Scripts (Community Edition)

Quick shell script by Chris Brenton at ACM to share SSH Public keys for people to confirm fingerprints on first ssh.

This class is a broad overview and dive into Exploiting AI and the different attacks that exist, and best practice strategies.

Create lab environment for Linux Command Line course

WifiForge is a tool developed by Black Hills InfoSec to help train Pentesters on different Wi-Fi attack vectors and Wireless capabilities.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Access Model.

Yet another draw.io Shapes Collection

An awesome list of resources on deception-based security with honeypots and honeytokens

A simple, lightweight PowerShell script to remove pre-installed apps, disable telemetry, as well as perform various other changes to customize, declutter and improve your Windows experience. Win11D…

Diagrams used in my YouTube Videos

Attack Detect Defend Course Pre-Requisites

A little tool to play with Windows security

Six Degrees of Domain Admin

AD Lab setup for learning infosec

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices