✨ Fully autonomous AI Agents system capable of performing complex penetration testing tasks

Get up and running with Kimi-K2.5, GLM-5, MiniMax, DeepSeek, gpt-oss, Qwen, Gemma and other models.

Proof of Concept Exploit for vCenter CVE-2021-21972

NeuroSploit is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large language…

A Modern Orchestration Engine for Security

An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more

Sickle - Payload Development Kit

A repository that maps commonly used attacks using MSRPC protocols to ATT&CK

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Active Directory Integrated DNS dumping by any authenticated user

The swiss army knife of LSASS dumping

Privilege Escalation Project - Windows / Linux / Mac

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.

A comprehensive modern architecture model is proposed to integrate platform solutions and tooling to support a professional Red Team.

Hercules is the world’s first open-source testing agent, enabling UI, API, Security, Accessibility, and Visual validations – all without code or maintenance. Automate testing effortlessly and let H…

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

Wireless keystroke injection attack platform

AD Lab Setup Scripts

Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory

This repo contains some Amsi Bypass methods i found on different Blog Posts.

undetectable reverse shell that can bypass windows defender and other AVs, by resolving functions at runtime and string encoding/hashing.

A collaborative, multi-platform, red teaming framework

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

C# implementation of harmj0y's PowerView

Python version of the C# tool for "Shadow Credentials" attacks

Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool

SharpUp is a C# port of various PowerUp functionality.