awesome-windows-security

Pirate List of awesome Windows security resources

This list is for anyone wishing to learn offensive Windows security. The list will for the most part consist of tools available on GitHub.

The tools are categorized according to Adversarial Tactics and Techniques based on MITRE ATT&CK. Some tools fit several techniques and some don't quite fit anywhere. I appreciate any help with finding the right tactics and techniques.

You can contribute by sending pull requests, creating issues with suggestions or writing to me on Twitter @chryzsh. I have made a template for adding new tools here -> Contributing

Table of Contents


Initial Access

T1203 - Exploitation for Client Execution

Execution

T1047 - Windows Management Instrumentation

Persistence

Privilege Escalation

Uncategorized

T1068 - Exploitation for Privilege Escalation

T1134 - Access Token Manipulation

Defense Evasion

AMSI bypassing

Log removal

T1089 - Disabling Security Tools

T1027 - Obfuscated Files or Information

T1055 - Process Injection

Credential Access

T1208 - Kerberoasting

T1081 - Credentials in Files

T1214 - Credentials in Registry

T1110 - Brute Force

T1003 - Credential Dumping

T1171 - LLMNR/NBT-NS Poisoning

Discovery

T1135 - Network Share Discovery

T1082 - System Information Discovery

Lateral Movement

Collection

T1005 - Data from Local System

Exfiltration

T1048 - Exfiltration Over Alternative Protocol

Command and Control

Frameworks

T1102 - Web Service

Defense

Misc

Post Exploitation Frameworks & Tools

Exploit Development

Red Team

Gitbooks

Ebooks

Twitter

Contributing

If you want to contribute a technique, please use the following template. You are allowed to link to multiple procedures and articles for each tool.

### [T1234 - Name of Technique](https://attack.mitre.org/techniques/T1234/)
* [github-repo](https://github.com/username/github-repo) - Description from repo. Copypaste is allowed.
  * [Procedure](https://link.to.procedure.com)
  * [Article](https://link.to.article.com)