Reverse proxy for Claude Code that anonymizes sensitive pentest data (IPs, hashes, credentials, hostnames, PII) before it reaches Anthropic. Dual-layer detection: local Ollama LLM + regex safety ne…

Gopacket is a clean Go implementation of Impacket, a library intended for working with network protocols.

Windows protocol library, including SMB and RPC implementations, among others.

Active Directory information dumper via ADWS for evasion purposes.

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities bef…

Dump LSASS via physical memory read primitives in vulnerable kernel drivers

An offensive data enrichment pipeline

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more

One WSL BOF to rule them all

Elastic Security detection content for Endpoint

Proof-of-Concept tool for extracting credential material from sessions on modern Windows systems.

Python version of the C# tool for "Shadow Credentials" attacks

Framework for orchestrating role-playing, autonomous AI agents. By fostering collaborative intelligence, CrewAI empowers agents to work together seamlessly, tackling complex tasks.

TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…

lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection

A modern 32/64-bit position independent implant template

A collection of Azure AD/Entra tools for offensive and defensive security purposes

AADInternals PowerShell module for administering Azure AD and Office 365

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

A BOF that runs unmanaged PEs inline

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

PowerSploit - A PowerShell Post-Exploitation Framework

A variety of AV evasion techniques written in C# for practice.

A tool to create a JScript file which loads a .NET v2 assembly from memory.

Automated Adversary Emulation Platform

Collection of various malicious functionality to aid in malware development