A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself

Windfall - Unauthenticated RCE exploit chain for Windmill & Nextcloud Flow (CVE-2026-29059). Path traversal + credential leak + PostgreSQL heap dump + Nextcloud AppAPI takeover.

SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPN + iptables traffic redirection to proxy (Burp Suite / mitmproxy)

Polymorphic x64 shellcode loader — indirect syscalls, phantom DLL hollowing, call stack spoofing, patchless AMSI/ETW bypass, zero CRT dependency

Impacket is a collection of Python classes for working with network protocols.

Okta Data Collector for BloodHound Community

Custom IPC Client and Proof of Concept exploit for CVE-2025-0309 (Netskope Windows Client LPE)

YubiKey plugin for age

Deploys production-grade security controls for AWS accounts and Organizations using Terraform.

Artifacts for the ACM CCS 2025 paper "Pixnapping: Bringing Pixel Stealing out of the Stone Age"

Nim implementation for sud0Ru's Credential Dumping from SAM/SECURITY Hives Method (a.k.a. SilentHarvest)

Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs

Busybox-style Beacon Object Files for *nix post-exploitation. Reimplements common Unix utilities as BOFs for use in stripped environments (Docker containers, Kubernetes pods, minimal VMs) where no …

A pentesting tool for enumeration/download/graphical analysis of OCI content. Includes an OpenGraph generator for Bloodhound-style analysis.

API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs

SilentChrome-BOF is a BOF (Beacon Object File) that silently installs a browser extension into Chrome or Edge by modifying the Preferences and Secure Preferences files directly.

Cryptographic implementation conformance testing harness for ML-KEM and ML-DSA.

Havoc C2 BOF — WFP kernel-space SYSTEM escalation + command execution with indirect syscalls, patchless AMSI/ETW bypass, and return address spoofing

Analysis tool to assess (HW/SW) system security against fault-injection attacks

Mali GPU-assisted kernel exploitation

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…

abusing windows toast notifications for fun and user manipulation

Samsung S25 Vulnerability Research

The Leading Security Assessment Framework for Android.

CLI tool for inspecting and managing services listening on localhost ports