Stars
MemoryModule which is compatible with the Win32 API and supports exception handling
Tools for interacting with authentication packages using their individual message protocols
A modern 32/64-bit position independent implant template
PowerShell MachineAccountQuota and DNS exploit tools
proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more SOCKS/HTTP proxies. Continuation of the unmaintained p…
Dump the memory of any PPL with a Userland exploit chain
RavnOS (from Norwegian: raven) is an operating system programmed in Rust. It aims to be minimal, stable, secure and modern (which you may know as state-of-the-art).
A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWas…
A C compiler targeting an artistically pleasing nightmare for reverse engineers
Tool for Active Directory Certificate Services enumeration and abuse
A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
PowerShell framework to assess Azure security
A collection of Azure AD/Entra tools for offensive and defensive security purposes
An advanced tool for working with access tokens and Windows security policy.
Write snippets of code in C++, Python, Ruby, and others as documentation and execute them as regression tests.
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
A swiss army knife for pentesting networks
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)