☆169Sep 30, 2025Updated 5 months ago
Alternatives and similar repositories for SWAT
Users that are interested in SWAT are comparing it to the libraries listed below
Sorting:
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆83Apr 27, 2024Updated last year
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- Azure DevOps Services Attack Toolkit☆314Mar 15, 2025Updated 11 months ago
- This python script performs a number of sqlite queries (mainly password metadata) against sqlite databases (Created by ROADtools) to prov…☆22Jul 3, 2024Updated last year
- Granular, Actionable Adversary Emulation for the Cloud☆2,266Feb 13, 2026Updated 2 weeks ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,205Dec 29, 2025Updated 2 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆412Updated this week
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆338Feb 13, 2026Updated 2 weeks ago
- Tool for obfuscating and deobfuscating data.☆75Mar 20, 2024Updated last year
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆193Apr 14, 2024Updated last year
- ☆22May 27, 2024Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆817Feb 17, 2025Updated last year
- A tool to create randomly insecure file shares that also contain unsecured credential files☆48Feb 16, 2026Updated last week
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…☆1,403Jun 24, 2025Updated 8 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated 11 months ago
- ☆25Jun 27, 2024Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆487Updated this week
- Active C&C Detector☆156Oct 5, 2023Updated 2 years ago
- A curated list of resources about detecting threats and defending Kubernetes systems.☆402Sep 2, 2023Updated 2 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆173Jan 30, 2026Updated last month
- Aftermath is a free macOS IR framework☆569Sep 25, 2025Updated 5 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- BlueHound - pinpoint the security issues that actually matter☆761Jul 12, 2023Updated 2 years ago
- Canary Detection☆190Oct 20, 2025Updated 4 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆605Nov 28, 2024Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆323Oct 12, 2025Updated 4 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆118Aug 19, 2025Updated 6 months ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆142Jan 2, 2025Updated last year
- DFIR project to collect and analyze events in Google Workspace☆13Apr 12, 2024Updated last year
- A Red Team Activity Hub☆235Feb 12, 2026Updated 2 weeks ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- ☆190Feb 8, 2026Updated 2 weeks ago
- Repository with supporting materials for Invictus Academy/Training☆44Jan 3, 2025Updated last year
- Production-ready detection & response queries for osquery☆600Aug 13, 2025Updated 6 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆289Nov 11, 2025Updated 3 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆287May 16, 2025Updated 9 months ago