Beacon Object File for LDAP Queries Through ADWS

MCP Server for Ghidra

This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

Command line access to the Registry

CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)

Cockpit is a web-based graphical interface for servers.

Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers

Easily and securely send things from one computer to another 🐊 📦

Official Sonara Lang Repository

Stealth Chromium that passes every bot detection test. Drop-in Playwright replacement with source-level fingerprint patches. 30/30 tests passed.

π RuView turns commodity WiFi signals into real-time spatial intelligence, vital sign monitoring, and presence detection — all without a single pixel of video.

Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark

A self-contained, EDR-evasive Active Directory privilege archaeology engine. V2 no longer requires SharpHound — it collects directly from AD, encrypts the output, and feeds it into the AI analysis …

M365 Conditional Access Policy Bypass OST (Offensive Tooling)

An AI-powered reverse-engineering copilot for assisting tedious malware analysis in IDA Pro.

Fast, zero-dependency credential testing tool in Go. Brute force SSH, MySQL, PostgreSQL, Redis, MongoDB, SMB, and 20+ protocols. Hydra alternative with native nerva/naabu pipeline integration.

ChameleonAF is an anti-forensic instrumentation framework designed to support the development, compilation, deployment, and evaluation of Android anti-forensic features.

reverse engineering Gemini's SynthID detection

Fully asynchronous SMB library written in pure python

Publications from Calif

DroidRecon automates the static security analysis of Android applications from the Google Play Store

Command-line tool and library for Windows remote command execution in Go

Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By following this approach, a security researcher will hopefully…

Transform LDAP filters, BaseDNs, attribute lists, and attribute entries using composable middleware chains. Zero dependencies. Works as a library or CLI tool.

We took PersistenceSniper, merged it with Python, and misspelled it on purpose. Meet PyrsistenceSniper.

KslDump — Why bring your own knife when Defender already left one in the kitchen?

AWS SSO Device-Code Phishing Toolkit for Red / Purple Teams

Extract Windows credentials directly from VM memory snapshots and virtual disks