Web path scanner

PoC Exploit for the NTLM reflection SMB flaw.

.NET tool used to enrich RPC telemetry

Execute commands interactively on remote Windows machines using the WinRM protocol

Code execution/injection technique using DLL PEB module structure manipulation

A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active Directory

CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

proxy/tunnel everything for red team!

A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases…

LDAP library for auditing MS AD

SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.

F5 Service Password Decryption

Mythic C2 agent targeting Linux and Windows hosts written in Rust

Python implementation for Active Directory certificate abuse

An Ansible role that install the Adaptix C2 server and/or client on Debian based hosts

Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techniques

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

Scan installed EDRs and AVs on Windows

The first Computer Emergency Response Tools (CERT) for young people ;) 　　　　　　　　　　　　　　　　　　　　　　年轻人的第一款应急响应工具 ；）

Windows remote execution multitool

find dll base addresses without PEB WALK

Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data

SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.

Fast web fuzzer written in Go

Enumerate Domain Users Without Authentication