Search Results for "virtual-machine"

FLARE VM is a security-focused Windows workstation distribution designed for malware analysis, reverse engineering, penetration testing, and threat hunting. It bundles a curated set of tools—disassemblers, debuggers, decompilers, virtualization, forensics utilities, packet capture tools, exploit frameworks, and hex editors—preconfigured to work together. The environment configures paths, dependencies, environment variables, and common tool integrations so analysts can focus on tasks rather...

This repository, also known as HardeningKitty, is a comprehensive Windows hardening checklist for personal and enterprise environments. It translates security benchmarks (e.g., CIS, Microsoft Security Baselines) into actionable Group Policy and registry recommendations. Though designed primarily for Windows 10, it includes workaround modes such as “HailMary” for Windows Home users lacking the Group Policy Editor.

...It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection.

UltimateAppLockerByPassList is a community-curated repository that collects known techniques, patterns, and candidate binaries that have been observed or proposed to bypass Microsoft AppLocker and similar executable control policies. The project functions as a living catalog: entries list binaries, script hosts, and patterns that researchers have tested or reported in the wild, along with notes about context, platform constraints, and mitigation ideas. It is aimed primarily at defenders,...

Active-Directory-Exploitation-Cheat-Sheet is a comprehensive, community-curated cheat sheet that collects practical enumeration commands, attack techniques, and quick references for attacking and auditing Windows Active Directory environments. The repository is organized as a stepwise kill-chain: recon, domain enumeration, local privilege escalation, user hunting, BloodHound guidance, lateral movement, persistence, domain-admin takeover, cross-trust attacks, data exfiltration, and a toolbox...

Security‑Datasets is a community-driven repository maintained by the Open Threat Research Forge (OTRF) that curates publicly available malicious and benign datasets for threat-hunting, machine learning, event analysis, and cybersecurity research. Datasets include Windows events, logs, alerts, and simulated attack data to support detection engineering and academic research.