Lab4PurpleSec is a modular Purple Team homelab combining a vulnerable Active Directory environment (GOAD), a Docker-based web DMZ, pfSense + Suricata, and a Wazuh SIEM. It provides a realistic, open-source training environment for web exploitation, pivoting, Active Directory attacks, and Blue Team detection.
☆227 · Dec 31, 2025 · Updated 6 months ago
Alternatives and similar repositories for Lab4PurpleSec
Users that are interested in Lab4PurpleSec are comparing it to the libraries listed below.
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling. ☆35 · Jun 24, 2026 · Updated last week
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator ☆21 · Jan 7, 2026 · Updated 5 months ago
- The samples referenced in my book, Evasive Malware (No Starch Press) ☆62 · Feb 20, 2026 · Updated 4 months ago
- Living of the Land of Free SaaS ☆77 · Mar 22, 2026 · Updated 3 months ago
- Commandline spoofing on Windows ☆100 · Nov 25, 2025 · Updated 7 months ago
- Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp… ☆75 · Feb 17, 2026 · Updated 4 months ago
- Passive JavaScript reconnaissance for penetration testers — bridging Burp Suite traffic into structured, AST-based analysis in VSCode. ☆36 · Feb 5, 2026 · Updated 4 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11 ☆86 · Jan 26, 2026 · Updated 5 months ago
- Overview of MS Defender ☆150 · Feb 20, 2026 · Updated 4 months ago
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys. ☆83 · Apr 11, 2026 · Updated 2 months ago
- A simple vulnerability scanning application built with FastAPI. vulnerability-scanner open-source-security nmap-cve SIEM ☆34 · Dec 21, 2025 · Updated 6 months ago
- Run Dockerized web browsers from other operating systems on Linux. ☆14 · May 27, 2026 · Updated last month
- Notion C2 Profile for Mythic ☆47 · Apr 30, 2026 · Updated 2 months ago
- AI-powered modular Active Directory red-team framework for authorized penetration testing, AD enumeration, attack-path analysis, Kerber… ☆323 · Jun 11, 2026 · Updated 3 weeks ago
- A headless MCP server for IDA Pro and Ghidra ☆114 · Jun 23, 2026 · Updated last week
- A portable C# utility for enumerating local and remote windows sessions ☆57 · Jan 1, 2026 · Updated 6 months ago
- Enhanced, Faster, Better version of the exploit ☆25 · Dec 27, 2025 · Updated 6 months ago
- Opengraph-Compatible JSON Generator for BloodHound ☆29 · Mar 30, 2026 · Updated 3 months ago
- Slides and resources from MCTTP 2025 Talk ☆70 · Oct 26, 2025 · Updated 8 months ago
- PoC for distributed NTP reflection DoS (CVE-2013-5211) ☆10 · Oct 4, 2019 · Updated 6 years ago
- Retrieves and aggregates public OSINT data about a GitHub user using Go and the GitHub API. Finds hidden emails in commit history, previo… ☆43 · Apr 1, 2026 · Updated 3 months ago
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or … ☆29 · May 4, 2026 · Updated 2 months ago
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system. ☆125 · Jun 10, 2026 · Updated 3 weeks ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only) ☆92 · Jun 1, 2026 · Updated last month
- ☆66 · Oct 3, 2025 · Updated 9 months ago
- Multi-protocol credential validation tool with spray and no-spray modes for penetration testing. ☆32 · Jun 1, 2026 · Updated last month
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and … ☆142 · Jun 10, 2026 · Updated 3 weeks ago
- Open KLara Project ☆37 · May 18, 2026 · Updated last month
- SentinelOne Windows Installation Diagnostic ☆13 · Apr 14, 2025 · Updated last year
- A beginner-friendly collection of Rust notes focused on Red Team Tooling • Malware Development • Systems Programming • Rust Fundamentals ☆62 · Jun 22, 2026 · Updated last week
- Production-ready PowerShell and Bash scripts for RMM platforms (SuperOps, Datto, NinjaRMM) ☆28 · Jun 24, 2026 · Updated last week
- Azure apim mini proxy ☆61 · May 18, 2026 · Updated last month
- Automated Password Dumper for Web Browsers ☆16 · Mar 23, 2014 · Updated 12 years ago
- ☆45 · Oct 10, 2025 · Updated 8 months ago
- ClickForClickOnce - Generate configurable clickonce payloads ☆97 · Apr 17, 2026 · Updated 2 months ago
- A high-performance domain scanner that discovers active domains by testing multiple Top-Level Domains (TLDs) for given domain names. ☆34 · Apr 20, 2026 · Updated 2 months ago
- ☆28 · Mar 14, 2026 · Updated 3 months ago
- Hackers Cookbook - Tons of hacker cli recipes ready to search and use when you need them ☆50 · Mar 12, 2026 · Updated 3 months ago
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat… ☆309 · Jun 22, 2026 · Updated last week