Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool

a BOF implementation of various registry persistence methods

Identify Azure AD resources that issue tokens without MFA enforcement using the ROPC grant flow.

EDR-Redir : a tool used to redirect the EDR's folder to another location.

Set of tools to analyze Windows sandboxes for exposed attack surface.

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

Windows protocol library, including SMB and RPC implementations, among others.

A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses …

This is the tool to dump the LSASS process on modern Windows 11

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

Advanced LLM-powered brute-force tool combining AI intelligence with automated login attacks

PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads

Go 代码混淆工具，使用 AST (抽象语法树) 技术实现跨文件的代码混淆，同时保证混淆后的代码可编译和可执行。

Check if an email address exists without sending any email, written in Rust. Comes with a ⚙️ HTTP backend.

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! 🎫

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Step-by-step documentation on how to decrypt SCCM database secrets offline

Pentester's Promiscuous Notebook

Gather and update all available and newest CVEs with their PoC.

Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …

Dynamic shellcode loader with sophisticated evasion capabilities

Lateral Movement Bof with MSI ODBC Driver Install

Use Cloudflare to create HTTP pass-through proxies for unique IP rotation, similar to fireprox

Credentials recovery project

Obex – Blocking unwanted DLLs in user mode

Python based GUI for browsing LDAP

Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments.

PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.

Direct access to NTFS volumes