Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

A memory safe implementation of sudo and su.

PCOV - CodeCoverage compatible driver for PHP

Portable file server with accelerated resumable uploads, dedup, WebDAV, FTP, TFTP, zeroconf, media indexer, thumbnails++ all in one file, no deps

Fast and multi-platform Spotify client with native GUI

Game Boy Advance homebrew games collected as a community maintained JSON database

Collection of resources about Virtualization

A self hosted virtual browser that runs in docker and uses WebRTC.

A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

Maximizing BloodHound. Max is a good boy.

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

Pokémon Save File Editor

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

If you're a fan of fans, this app is for you.

Simply generates a wordpress plugin that will grant you a reverse shell once uploaded. I recommend installing Kali Linux, as msfvenom is used to generate the payload.

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Single-file PHP shell

Web path scanner

A self-signing certificate authority manager

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

JavaScript 3D Library.

🗺️ Minecraft map editor and mod

Discovered API-endpoints for the Google Wifi Router and OnHub

Marlin is a firmware for RepRap 3D printers optimized for both 8 and 32 bit microcontrollers. Marlin supports all common platforms. Many commercial 3D printers come with Marlin installed. Check wit…

Consistent dependency versions in large JavaScript Monorepos.

This tool is used to install `pyenv` and friends.