Threat Express

All

22 repositories

edc
Public
Event Data Collector
Python
•
MIT License
•7•35•0•7•Updated Jul 4, 2024Jul 4, 2024
domainhunter
Public
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
Python
•
BSD 3-Clause "New" or "Revised" License
•287•1.5k•6•2•Updated Jun 6, 2024Jun 6, 2024
malleable-c2
Public
Cobalt Strike Malleable C2 Design and Reference Guide
GNU General Public License v3.0
•297•1.6k•2•1•Updated Dec 13, 2023Dec 13, 2023
threat-mitigation
Public
Threat Mitigation Strategies
10•25•0•0•Updated Jul 5, 2023Jul 5, 2023
threatexpress
Public
HTML
•4•11•0•0•Updated Feb 8, 2023Feb 8, 2023
cs2modrewrite
Public
Convert Cobalt Strike profiles to modrewrite scripts
Python
•
GNU General Public License v3.0
•114•583•1•2•Updated Jan 30, 2023Jan 30, 2023
random_c2_profile
Public
Cobalt Strike random C2 Profile generator
Python
•
GNU General Public License v3.0
•86•626•0•0•Updated Jan 5, 2023Jan 5, 2023
redteamguide
Public
Home of https://redteam.guide
JavaScript
•8•13•0•0•Updated Sep 19, 2022Sep 19, 2022
metatwin
Public
The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
HTML
•67•328•2•1•Updated May 18, 2022May 18, 2022
cobaltstrike_payload_generator
Public
Quickly generate every payload type for each listener and optionally host via HTTP.
3•18•0•0•Updated Aug 23, 2021Aug 23, 2021
aggressor-scripts
Public
Cobalt Strike Aggressor Scripts
JavaScript
•23•139•0•0•Updated Aug 2, 2021Aug 2, 2021
mythic2modrewrite
Public
Generate Apache mod_rewrite rules for Mythic C2 profiles
Python
•
MIT License
•3•26•0•0•Updated Jul 22, 2021Jul 22, 2021
pasties
Public
A collection of random bits of information common to many individual penetration tests, red teams, and other assessments
Shell
•33•106•0•0•Updated Apr 21, 2021Apr 21, 2021
threatbox
Public
ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.
Smarty
•13•72•1•0•Updated Feb 27, 2020Feb 27, 2020
red-team-scripts
Public
A collection of Red Team focused tools, scripts, and notes
PowerShell
•
BSD 3-Clause "New" or "Revised" License
•192•1.1k•0•0•Updated Nov 18, 2019Nov 18, 2019
portplow
Public
PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and services from multiple systems managed by a central console.
JavaScript
•10•53•0•0•Updated Aug 1, 2018Aug 1, 2018
procdot_sandbox
Public
ProcDot Malware Sandbox
Python
•6•21•0•0•Updated Jul 11, 2018Jul 11, 2018
tools
Public
Tools
0•1•0•0•Updated Jun 29, 2018Jun 29, 2018
tinyshell
Public
Python
•
Other
•37•167•1•0•Updated Jan 31, 2018Jan 31, 2018
invoke-pipeshell
Public
SMB Named Pipe shell
PowerShell
•15•63•0•0•Updated Jan 30, 2017Jan 30, 2017
subshell
Public
SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interface to the remote webshells.
Python
•
Other
•15•72•0•0•Updated Nov 6, 2016Nov 6, 2016
persistence-aggressor-script
Public
initial commit
57•42•0•0•Updated Sep 30, 2016Sep 30, 2016