Stars
Get up and running with OpenAI gpt-oss, DeepSeek-R1, Gemma 3 and other models.
Find, verify, and analyze leaked credentials
Information gathering framework for phone numbers
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams, nextcloud, mumble, vk and more with REST API…
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
Real fucking shellcode encryptor & obfuscator tool
A SimpleHTTPServer written in Go, enhanced with features and with a nice design - https://goshs.de
Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
Golng version of SharpDump that can be used to extract LSASS or any other proces. Provides token elevation prior to creating dump of high intergrity processes.