Interesting Git repos of the week:

timb_machine@infosec.exchange

Interesting Git repos of the week:

Strategy:

* https://github.com/jacobdjwilson/awesome-annual-security-reports - all you can eat annual reports, thanks @jacobdjwilson

Detection:

* https://github.com/EFForg/rayhunter - hunting cell site simulators with @eff

Exploitation:

* https://github.com/wietze/lnk-it-up - make your own malicious links
* https://github.com/dievus/ADPulse - more fun with the AD identity graph
* https://github.com/trustedsec/Titanis - build your own Microsoft RPC clients
* https://github.com/RantaSec/golinhound - graphing Linux trust paths
* https://github.com/praetorian-inc/nerva - fingerprint that service
* https://github.com/cisco-ai-defense/skill-scanner - check whether an agentic skill is malicious
* https://github.com/Logisek/EvilMist - red team tools for the cloud
* https://github.com/praetorian-inc/GitPhish - phish with GitHub
* https://github.com/Antonlovesdnb/TTPRunner - automate your BAS with @Antonlovesdnb's LLM generated TTPs
* https://github.com/praetorian-inc/augustus - TTPs for testing LLMs
* https://github.com/ricardojoserf/AutoPtT - another way to automated ticket-passing attacks
* https://github.com/0xsh3llf1r3/ColdWer - enough BOF to send your EDR to sleep
* https://github.com/sliverarmory/malasada - convert your .so to shell code
* https://github.com/subat0mik/Misconfiguration-Manager - abusing SCCM misconfigurations
* https://github.com/dazzyddos/lsawhisper-bof - BOF to chat with LSA

Hard hacks:

* https://github.com/dmaynor/airdrop-observatory - spy on AirDrop with @Dmaynor

Data:

* https://github.com/Siguza/tld - @siguza helps you understand who owns that TLD?

Nerd:

* https://github.com/rbanffy/fun-with-old-mainframes - @rbanffy's tips on messing with big green screen
* https://github.com/mitchellh/vouch - building community trust

#security, #research, #code