Display and control your Android device

Alternative firmware for ESP8266 and ESP32 based devices with easy configuration using webUI, OTA updates, automation using timers or rules, expandability and entirely local control over MQTT, HTTP…

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Small and highly portable detection tests based on MITRE's ATT&CK.

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝

Simple (relatively) things allowing you to dig a bit deeper than usual.

Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend

🌱💧 An open source DIY soil moisture sensor

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

A little toolbox to play with Microsoft Kerberos in C

Windows Privilege Escalation from User to Domain Admin.

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

Utility that converts an .etl file containing a Windows network packet capture into .pcapng format.

Cobalt Strike HTTPS beaconing over Microsoft Graph API

Extract Windows Defender database from vdm files and unpack it

XLL Phishing Tradecraft

Postfix Sender Rewriting Scheme daemon

Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components

Obex – Blocking unwanted DLLs in user mode

Yet another library library (and tools)

Packet capture on Windows without a kernel driver

Code and data artifacts for our paper: "faulTPM: Exposing AMD fTPMs’ Deepest Secrets"

LILO based Pulse Secure appliance disk image decryptor