AuditKit - Multi-Cloud Compliance Scanner & Evidence Collection

AI agent for autonomous cyber operations

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…

A CLI tool for threat modeling and visualizing AI agents built using popular frameworks like LangGraph, AutoGen, CrewAI, and more.

A (partial) Python rewriting of PowerSploit's PowerView

A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS accounts.

A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System incorporates multiple engines that operate in sequence to analy…

SSH man-in-the-middle tool

An open-source knowledge base of defensive countermeasures to protect AI/ML systems. Features interactive views and maps defenses to known threats from frameworks like MITRE ATLAS, MAESTRO, and OWASP.

Anemoi: A Semi-Centralized Multi-agent Systems Based on Agent-to-Agent Communication MCP server from Coral Protocol

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Comprehensive Windows Syscall Extraction & Analysis Framework

Language-agnostic AI auditor that autonomously builds and refines adaptive knowledge graphs for deep, iterative code reasoning.

A book-in-progress about the Linux kernel and its insides.

A one stop repository for generative AI research updates, interview resources, notebooks and much more!

A list of cloud security tools and vendors.

You didn't think I'd go and leave the blue team out, right?

Static analysis for GitHub Actions

Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks

Vulnerability Intelligence Platform

A tool to transform Chromium browsers into a C2 Implant

Linux Runtime Security and Forensics using eBPF

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

LLM agents built for control. Designed for real-world use. Deployed in minutes.

SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.

A Kubernetes controller and tool for one-way encrypted Secrets

MCP for Pwn

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

Repository containing all training and tutorials completed in preparation for the OSEE in conjunction with the AWE course.