Skip to content
@optiv

Optiv Source Zero

Optiv Source Zero provides research, tools and resources for the innovative cybersecurity community. Part of Optiv.

Pinned Loading

  1. ScareCrow ScareCrow Public archive

    ScareCrow - Payload creation framework designed around EDR bypass.

    Go 2.9k 523

  2. Ivy Ivy Public archive

    Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen…

    Go 747 131

  3. Go365 Go365 Public

    An Office365 User Attack Tool

    Go 645 105

  4. Dent Dent Public archive

    A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

    Go 298 47

  5. Talon Talon Public archive

    A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

    Go 448 82

  6. Registry-Recon Registry-Recon Public

    Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon

    343 33

Repositories

Showing 10 of 47 repositories
  • KnockKnock Public archive

    Enumerate valid users within Microsoft Teams and OneDrive with clean output.

    optiv/KnockKnock’s past year of commit activity
    Python 59 6 0 0 Updated Feb 4, 2025
  • doppelganger Public archive

    Doppelgänger is firmware that runs on ESP32 devices that can be embedded within commercially available RFID readers with the intent of capturing access control card data while performing physical security assessments. Doppelgänger keeps the operator's ease of access, maintenance, and operational communications in mind.

    optiv/doppelganger’s past year of commit activity
    C++ 16 MIT 11 0 0 Updated Jun 14, 2024
  • OSINT_Encyclopedia Public

    Your go-to resource for all things OSINT

    optiv/OSINT_Encyclopedia’s past year of commit activity
    181 MIT 25 0 2 Updated Mar 28, 2024
  • Go365 Public

    An Office365 User Attack Tool

    optiv/Go365’s past year of commit activity
    Go 645 MIT 105 5 6 Updated Mar 19, 2024
  • blemon Public

    Universal BLE Monitoring with Frida (or Objection)

    optiv/blemon’s past year of commit activity
    JavaScript 107 MIT 14 4 2 Updated Nov 13, 2023
  • Talon Public archive

    A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

    optiv/Talon’s past year of commit activity
    Go 448 MIT 82 2 3 Updated Aug 18, 2023
  • Mangle Public archive

    Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

    optiv/Mangle’s past year of commit activity
    Go 1,231 MIT 168 2 1 Updated Aug 18, 2023
  • Ivy Public archive

    Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

    optiv/Ivy’s past year of commit activity
    Go 747 MIT 131 4 1 Updated Aug 18, 2023
  • Dent Public archive

    A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

    optiv/Dent’s past year of commit activity
    Go 298 MIT 47 0 2 Updated Aug 18, 2023
  • Freeze.rs Public archive

    Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

    optiv/Freeze.rs’s past year of commit activity
    Rust 723 MIT 88 0 0 Updated Aug 18, 2023
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Most used topics

Loading…