Detect shadow AI agents by monitoring network traffic and classifying process-to-domain pairs.

Orchestrate fleets of Claude Code & Claude Computer Use agents across containers, VMs, and physical devices. Live desktop streaming, intelligent task delegation, and multi-channel human-in-the-loop…

Agent skills for VulHunt

Vulnerability detection framework by Binarly's REsearch team

OBLITERATE THE CHAINS THAT BIND YOU

Turn Claude Code into a team workspace. Any device, one command.

Position-independent Reflective Loader for macOS

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.

A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for quick AD enumeration.

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

BYOVD hunter to help prioritize windows drivers worth manual analysis

Qtap: An eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating processes.

Use LLMs to rank anything

Stealthy Linux Kernel Rootkit for modern kernels (6x)

Dump LSASS via physical memory read primitives in vulnerable kernel drivers

Kernel Driver Utility

A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W

Intercept LLM API traffic and visualize token usage in a real-time terminal dashboard. Track costs, debug prompts, and monitor context window usage across your AI development sessions.

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-…

Volatility plugin to deal with windows kerberos security provider, list, carve and dump Tickets

Automatic Exploit Generation with LLMs

Serverless AITM Simulation Framework for Entra ID and M365

Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.

Wrap Gemini CLI, Antigravity, ChatGPT Codex, Claude Code, Qwen Code, iFlow as an OpenAI/Gemini/Claude/Codex compatible API service, allowing you to enjoy the free Gemini 2.5 Pro, GPT 5, Claude, Qwe…

A beautiful web UI for browsing Claude Code conversation history.

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks