Starred repositories
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
Ransomware simulator written in Golang
PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…
A production-friendly malware scanner for your AWS cloud
Detect and respond to Cobalt Strike beacons using ETW.
go-audit is an alternative to the auditd daemon that ships with many distros
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
All the deals for InfoSec related software/tools this Black Friday
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Porting macam (USB webcam driver) to macOS 10.15
Extract indicators of compromise from text, including "escaped" ones.
Tool to deploy a post-exploitation prompt at any time
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem…
Malicious Macro Generator
PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpose of generating attack telemetry in properly monitored Wind…
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.