- MacroSec Ltd
- Nairobi, Kenya
- https://macrosec.tech
Starred repositories
POCs to demonstrate CVE-2026-42167 in ProFTPD
Autonomous Hacking Agent for Red Team
An AI red-team agent for authorized labs and web app pentesting workflows. Turns Claude Code / OpenCode / Codex into a structured recon → test → exploit → report workflow, with containerized tools …
SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) through a SOCKS5 proxy.
Boot-to-Breach red team lab on AWS. Mythic, Sliver, and Havoc C2 behind a production-style Apache redirector. Deployed via Terraform, to be used for training/self hosted environments.
Static analysis & exploitation-triage toolkit for Windows kernel drivers. Discover IOCTLs, Symbolic Links, and check cert, and Downloads BYOVD
🤖 A minimal and customizable Docker image running the Android emulator as a service.
Small and highly portable detection tests based on MITRE's ATT&CK.
M365 Conditional Access Policy Bypass OST (Offensive Tooling)
Python tool for converting files and office documents to Markdown.
claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…
Havoc plugin allowing in-memory execution of PowerShell cmdlets
A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique.
Object file loader implemented as a post-ex DLL for asynchronous BOF execution.
Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.
Async BOF to monitor and detect clipboard changes on a target system and return the clipboard contents.
This cheatsheet maps common impacket workflows to their modern alternatives
Vulnerable applications lab — 11 CVEs, Docker-based
The Phantom Whisper is a sophisticated, production-grade Python orchestration framework designed to deploy zero-click exploits with surgical precision.
DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.