Autonomous penetration testing using a swarm of AI agents. Orchestrates recon, classification, exploitation, and reporting specialists with ReAct reasoning — supports bug bounty, continuous monitor…

Protected Process Dumper Tool

A BloodHound OpenGraph collector that models Windows local privilege escalation as interconnected attack paths.

Havoc C2 BOF — WFP kernel-space SYSTEM escalation + command execution with indirect syscalls, patchless AMSI/ETW bypass, and return address spoofing

Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.

Modules designed to be used with the Conquest framework.

Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.

Another BYOVD process killer. works on all EDR's. fully signed.

🕵️‍♂️ (2-in-1) Email & Username OSINT suite for deep data extraction. Analyzes 240+ scan vectors (100+ email / 140+ username) for security research, investigations, and digital footprinting.

Technical Reference to multiple relay techniques

Execute commands interactively on remote Windows machines using the WinRM protocol (just faster)

Next.js v16.2.4 Security PoC Collection (CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-445…

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Adversary tradecraft detection, protection, and hunting

PowerShell implementation for AD CS

Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞

An agent-managed museum exhibit, built in Rust with Gajae-Code / LazyCodex — developed and maintained with no human intervention.

odoo automated pentest

Plecost - Professional WordPress Security Scanner

Goauld is a post-exploitation and remote access tool designed for restricted environments.

SOCKS5 / HTTP CONNECT proxy that load-balances outbound traffic across a pool of dynamically deployed Cloudflare Workers

Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networks Unit 42 website.

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

PoC Exploit for the NTLM reflection SMB flaw.

AD Pentest Cheatsheet by BlackWasp

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎