NFC signal and protocol analyzer using SDR receiver

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web application…

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advan…

eml metadata parser.

A Poc on blocking Procmon from monitoring network events

PoCs and tools for investigation of Windows process execution techniques

Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation

Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

Cross-platform incident response and live forensics toolkit with built-in detection, structured analysis, and report generation — designed for fast, actionable security investigations.

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

A library for creating and sending .pcap files for Wireshark and other programms.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

💉 DLL/Shellcode injection techniques

UAC bypass, Elevate, Persistence methods

An advanced tool for working with access tokens and Windows security policy.

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.

Tool to check for dependency confusion vulnerabilities in multiple package management systems

grim reaper c2

A list of shodan filters

Statically-linked ssh server with reverse shell functionality for CTFs and such

A reverse ssh shell written in python, intended for penetration testers to use as a covert channel on windows

Fileless "malware" that bypasses Windows Defender using PowerShell and obfuscation

My experiments in weaponizing Nim (https://nim-lang.org/)

And Twitter API library for the ESP32 that can tweet

A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.

An XSS exploitation command-line interface and payload generator.