Advanced Domain Controller attack and credential analysis tool leveraging DonPAPI database

GeoIntel using Google's Gemini API to uncover the location where photos were taken through AI-powered geo-location analysis.

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

load shellcode without P/D Invoke and VirtualProtect call.

Python based GUI for browsing LDAP

Direct access to NTFS volumes

Comprehensive Windows Syscall Extraction & Analysis Framework

Open-source multi-purpose remote access tool for Microsoft Windows

Payload Development Framework

Advanced LLM-powered brute-force tool combining AI intelligence with automated login attacks

A python library to create BloodHound OpenGraphs

Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.

Evasive Payload Delivery Server & C2 Redirector

Lightweight HTTP client with modern GUI for Linux

Portable file server with accelerated resumable uploads, dedup, WebDAV, FTP, TFTP, zeroconf, media indexer, thumbnails++ all in one file, no deps

Local SYSTEM auth trigger for relaying - X

Deserialization payload generator for a variety of .NET formatters

Client-side Encrypted Upload Server Python Script

A fast and hackable fuzzy finder for the terminal.

Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports

A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory.

Vulnerable (on purpose) programs to leak NtReadVirtualMemory address for stealthier API resolution (no GetProcAddress, GetModuleHandle or LoadLibrary in the IAT)

An open-source, security-first LLM Gateway designed to provide a unified, secure, and observable entry point to any Large Language Model.

undust is a URL pattern generator that helps uncover archived, backup, and temporary files left behind on web servers. Given a URL, it generates the most common archive, temp and backup file name v…

Kerberos manipulation library in pure Python

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess.