Threat Express (@threatexpress)
  • Stars: 6,241
  • Global Org. Rank 3,731 (Top 2 %)
  • Registered about 8 years ago
  • Most used languages: Python 47.1 %, JavaScript 17.6 %, PowerShell 11.8 %, HTML 11.8 %, Smarty 5.9 %, Shell 5.9 %

Top repositories

1. malleable-c2
   Cobalt Strike Malleable C2 Design and Reference Guide
   Stars: 1,434

2. domainhunter
   Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
   Language: Python
   Stars: 1,418

3. red-team-scripts
   A collection of Red Team focused tools, scripts, and notes
   Language: PowerShell
   Stars: 1,092

4. random_c2_profile
   Cobalt Strike random C2 Profile generator
   Language: Python
   Stars: 583

5. cs2modrewrite
   Convert Cobalt Strike profiles to modrewrite scripts
   Language: Python
   Stars: 565

6. metatwin
   The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
   Language: HTML
   Stars: 313

7. tinyshell
   Language: Python
   Stars: 161

8. aggressor-scripts
   Cobalt Strike Aggressor Scripts
   Language: JavaScript
   Stars: 137

9. pasties
   A collection of random bits of information common to many individual penetration tests, red teams, and other assessments
   Language: Shell
   Stars: 106

10. subshell
    SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interface to the remote webshells.
    Language: Python
    Stars: 73

11. threatbox
    ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.
    Language: Smarty
    Stars: 69

12. invoke-pipeshell
    SMB Named Pipe shell
    Language: PowerShell
    Stars: 62

13. portplow
    PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and services from multiple systems managed by a central console.
    Language: JavaScript
    Stars: 53

14. edc
    Event Data Collector
    Language: Python
    Stars: 34

15. mythic2modrewrite
    Generate Apache mod_rewrite rules for Mythic C2 profiles
    Language: Python
    Stars: 25

16. threat-mitigation
    Threat Mitigation Strategies
    Stars: 22

17. procdot_sandbox
    ProcDot Malware Sandbox
    Language: Python
    Stars: 19

18. cobaltstrike_payload_generator
    Quickly generate every payload type for each listener and optionally host via HTTP.
    Stars: 13

19. threatexpress
    Language: HTML
    Stars: 11

20. redteamguide
    Home of https://redteam.guide
    Language: JavaScript
    Stars: 9

21. tools
    Tools
    Stars: 1