Stars
Open-source passive reconnaissance and attack surface exploration tool that leverages VirusTotal and the Wayback Machine to discover subdomains, URLs, archived web assets, and potential exposure fi…
Decentralized C2 framework built on libp2p
The ultimate steganography and digital forensics toolkit. Hide and extract data across images, audio, video, documents, and network packets, or run 11 advanced detection engines to uncover hidden p…
CVE-2020-17103 adapted for C2 with split-binary SYSTEM callback
A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.
RoguePlanet Windows Defender Vulnerability
A reflective DLL development template for the Rust programming language
Reimplementing Havoc Pro Runtime Channel Switching and Cobalt Strike UDC2 features.
Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID
eilmeldung is a TUI RSS reader based on the awesome news-flash library.
Open-source LLM red-teaming technique toolkit (162 transforms, 36 mutators, 25 tool surfaces). MIT.
AI-powered modular Active Directory red-team framework for authorized penetration testing, AD enumeration, attack-path analysis, Kerberos/ADCS workflows, reporting, operator automation, and MCP ser…
Secrets scanner with a twist... this is for getting threat actor credentials from MALWARE. Acquire TA creds from FLOSS exports, memdumps, Binja exports, etc. to get C2 credentials, embedded API key…
Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.
AI-powered OSINT agent with interactive REPL, MCP server, and CLI. 16 tools. Works with Claude, GPT-4, or local models. For authorized security research only.
A pytest-native safety and security testing framework for agentic AI applications
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Repository hosting a hypothetical EDR Spoofer, as discovered originally by Nightmare-Eclipse
Next.js v16.2.4 Security PoC Collection (CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-445…
Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advanced evasion techniques against modern EDR systems. It shifts a…
A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
Polymorphic AV/AMSI bypass toolkit - Donut shellcode runner for offensive .NET/PE tools
Busybox-style Beacon Object Files for *nix post-exploitation. Reimplements common Unix utilities as BOFs for use in stripped environments (Docker containers, Kubernetes pods, minimal VMs) where no …