Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.

A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+SID), PKINIT authentication, and NT hash extraction via UnPAC…

🔧 Simplify LDAP proxying with essential BOFs, providing convenient helper scripts for efficient implementation and setup.

Collection of UAC Bypass Techniques Weaponized as BOFs

takes shellcode with bad-characters and banishes them, returning cleaned shellcode with preserved functionalities

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.

CobaltStrike后渗透测试插件

An AI-powered task-management system you can drop into Cursor, Lovable, Windsurf, Roo, and others.

Transform vague ideas into production-ready prompts. Analyze gaps, generate PRDs, and supercharge your AI coding workflow with the CLEAR framework.

Serverless AITM Simulation Framework for Entra ID and M365

A simple COM server which provides a component to run shellcode

Python tool to Check running WebClient services on multiple targets based on @leechristensen

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

A Windows Named Pipe Multi-tool / Proxy

Proof of concept for Kerberos Armoring abuse.

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

Windows Session Hijacking via COM

Tower defense game that teaches cloud architecture. Build infrastructure, survive traffic, learn scaling.

An experimental research tool for fabricating GitHub personas with AI-generated repositories

Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and notes on usage.

Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs

Golang Automation Framework for Cobalt Strike using the Rest API

tun2socks - powered by gVisor TCP/IP stack

Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.

Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary

Remove API hooks from a Beacon process.

UDC2 implementation that provides an ICMP C2 channel

GhidRust: Rust decompiler plugin for Ghidra