Stars
An incredibly fast proxy checker & IP rotator with ease.
dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
Small and highly portable detection tests based on MITRE's ATT&CK.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Tools and Techniques for Red Team / Penetration Testing
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
VBA Obfuscation Tools combined with an MS office document generator
This repo covers some code execution and AV Evasion methods for Macros in Office documents
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…
Fully functioning reverse shell written entirely in VBA.
Process Dumper written entirely in VBA.
This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method.
Inject remote template link into word document for remote template injection
ResourceHub, for everything Desktop Goose
an open source, extensible AI agent that goes beyond code suggestions - install, execute, edit, and test with any LLM
A modding launcher for the Desktop Goose by the ResourceHub project
Fast and customizable subdomain wordlist generator using DSL
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Malicious PDF files recently considered one of the most dangerous threats to the system security. The flexible code-bearing vector of the PDF format enables to attacker to carry out malicious code …
💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp…
PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
ES ToolKit is a standalone solution to navigate and backup data for a wide range of Elasticsearch and Kibana versions.
Squalr Memory Editor - Game Hacking Tool Written in C#