Popular repositories

  1. malleable-c2 Public

    Cobalt Strike Malleable C2 Design and Reference Guide

    1.6k 298

  2. domainhunter Public

    Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

    Python 1.6k 289

  3. red-team-scripts Public

    A collection of Red Team focused tools, scripts, and notes

    PowerShell 1.1k 194

  4. random_c2_profile Public

    Cobalt Strike random C2 Profile generator

    Python 632 88

  5. cs2modrewrite Public

    Convert Cobalt Strike profiles to modrewrite scripts

    Python 585 114

  6. metatwin Public

    The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.

    HTML 336 67

Repositories

Showing 10 of 22 repositories
  • procdot_sandbox Public

    ProcDot Malware Sandbox

    Python 21 MIT 6 0 0 Updated Nov 19, 2024
  • portplow Public

    PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and services from multiple systems managed by a central console.

    JavaScript 53 MIT 10 0 0 Updated Nov 19, 2024
  • threatbox Public

    ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.

    Smarty 72 MIT 13 1 0 Updated Nov 19, 2024
  • pasties Public

    A collection of random bits of information common to many individual penetration tests, red teams, and other assessments

    Shell 106 MIT 33 0 0 Updated Nov 19, 2024
  • aggressor-scripts Public

    Cobalt Strike Aggressor Scripts

    JavaScript 139 MIT 23 0 0 Updated Nov 19, 2024
  • metatwin Public

    The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.

    HTML 336 MIT 67 2 1 Updated Nov 19, 2024
  • red-team-scripts Public

    A collection of Red Team focused tools, scripts, and notes

    PowerShell 1,113 MIT 194 0 0 Updated Nov 19, 2024
  • invoke-pipeshell Public

    SMB Named Pipe shell

    PowerShell 64 Unlicense 15 0 0 Updated Nov 19, 2024
  • persistence-aggressor-script
    42 Unlicense 65 0 0 Updated Nov 19, 2024
  • edc Public

    Event Data Collector

    Python 35 MIT 7 0 7 Updated Jul 4, 2024