Blackhat 2025 presentation and codebase: AI SOC agent & MCP server for automated security investigation, alert triage, and incident response. Integrates with ELK, IRIS, and other platforms.

Autonomous Privilege Escalation using AI

Print Spooler Named Pipe Impersonation for Cobalt Strike

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

Ghidra is a software reverse engineering (SRE) framework

A little toolbox to play with Microsoft Kerberos in C

Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers

Plugin for Obsidian: Use shortcuts for input special symbols and changing level of headings without language switching

Egress-Assess is a tool used to test egress data detection capabilities

A plugin for Obsidian.md for styling codeblocks and inline code

A modern 32/64-bit position independent implant template

local poc for CVE-2024-32002

llama3.np is a pure NumPy implementation for Llama 3 model.

Every practical and proposed defense against prompt injection.

A rewrite of YARA in Rust.

🔮 ChatGPT Desktop Application (Mac, Windows and Linux)

A massively parallel, optimal functional runtime in Rust

GUI manager for network tunnels developed for Command and Control systems.

Automate the build of a vulnerable AD environment.

Win32k LPE vulnerability used in APT attack

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Framework for Man-In-The-Middle attacks

A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.

Wiki to collect Red Team infrastructure hardening resources

Local Privilege Escalation Miner