⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Impacket is a collection of Python classes for working with network protocols.

A GPT-empowered penetration testing tool

Top disclosed reports from HackerOne

The Network Execution Tool

A remote monitoring & management tool, built with Django, Vue and Go.

Python Remote Administration Tool (RAT)

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

Mimikatz implementation in pure Python

Extract credentials from lsass remotely

This project aims to compare and evaluate the telemetry of various EDR products.

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Fake Protocol Server

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

Run PowerShell command without invoking powershell.exe

Bypass firewall for traffic forwarding using webshell

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

A framework for wireless pentesting.

New generation of wmiexec.py

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF

CVE-2023-38831 winrar exploit generator

Sudo Baron Samedit Exploit

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应

Standalone binaries for Linux/Windows of Impacket's examples

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer