Snakes on a Domain: An Analysis of a Python Malware Loader
https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader

Pwning ManageEngine — From Endpoint to Exploit | by Erik Wynter | Oct, 2022 | Medium
https://medium.com/@erik.wynter/pwning-manageengine-from-endpoint-to-exploit-bc5793836fd

GitHub - cisagov/RedEye: RedEye is a visual analytic tool supporting Red & Blue Team operations
https://github.com/cisagov/RedEye/

Practical Attacks against NTLMv1 - TrustedSec
https://www.trustedsec.com/blog/practical-attacks-against-ntlmv1/

Hardware Trojans Under a Microscope | by Ryan Cornateanu | Oct, 2022 | Medium
https://ryancor.medium.com/hardware-trojans-under-a-microscope-bf542acbcc29

GitHub - VirtualAlllocEx/Payload-Download-Cradles: This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR in context of download cradle detections.
https://github.com/VirtualAlllocEx/Payload-Download-Cradles

GitHub - projectdiscovery/katana: A next-generation crawling and spidering framework.
https://github.com/projectdiscovery/katana

Fantastic Rootkits: And Where to Find Them (Part 1)
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1

GitHub - ryanries/PassFiltEx: PassFiltEx. An Active Directory Password Filter.
https://github.com/ryanries/PassFiltEx

Metaphor
https://metaphor.systems/

GitHub - wavvs/nanorobeus: COFF file (BOF) for managing Kerberos tickets.
https://github.com/wavvs/nanorobeus

The new cs.github.com search allows for regex, which means brand new regex GitHub Dorks are possible!

Eg, find SSH and FTP passwords via connection strings with:
/ssh:\/\/.*:.*@.*target\.com/
/ftp:\/\/.*:.*@.*target\.com/