Massaer Mbengue's Projects
A toolset to make a system look as if it was the victim of an APT attack
A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
A curated list of awesome YARA rules, tools, and people.
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
A place to share SCYTHE modules with the community.
A place to share attack chains for testing people, process, and technology with the entire community. The largest, public library of adversary emulation and adversary simulation plans! #ThreatThursday
Automate the creation of a lab environment complete with security tooling and logging best practices
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
A collection of captive portals for phishing using a WiFi Pineapple
A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
A playground to play with PowerShell using Jupyter Notebooks.
Microsoft 365 Defender - Resource Hub
Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
A command-line tool that leverages the Tenable.io API to reduce the time it takes to get information that is commonly needed during remediation or a troubleshooting event
Mind maps / flow charts to help with privilege escalation on the OSCP.
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Identify privilege escalation paths within and across different clouds
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpose of generating attack telemetry in properly monitored Windows enterprise environments
Random Code Store
Ransomware simulator written in Golang
Creates a Transit Gateway with two server VPCs and a security VPC
Create a vulnerable Active Directory that allows you to test most of the Active Directory attacks in a local lab