Active Directory Integrated DNS dumping by any authenticated user

A Course on Intermediate Level Linux Exploitation

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Collection of things made during my OSCP journey

MSDAT: Microsoft SQL Database Attacking Tool

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

Intelligent login bruteforcer.

Modern tactical exploitation toolkit.

(extensible) Data Exfiltration Toolkit (DET)

A universal memory dumper using Frida

Payload Development Framework

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

Python PTY backdoors - full PTY or nothing!

Active Directory ACL exploitation with BloodHound

Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a maliciou…

A simple script to screenshot a list of websites

A script that helps you understand why your E-Mail ended up in Spam

socks4 reverse proxy for penetration testing

Hackish way to intercept and modify non-HTTP protocols through Burp & others.

Visualization of heap operations.

Drupal enumeration & exploitation tool

Modified version of the passing-the-hash tool collection made to work straight out of the box

An intentionally designed broken web application based on REST API.

an IIS shortname Scanner

(CVE-2018-9995) Get DVR Credentials

A series of tutorials about radare2 framework from https://www.megabeets.net

Maximizing BloodHound. Max is a good boy.

python library to examine ptmalloc (the glibc userland heap implementation)