PowerShell Pass The Hash Utils

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub …

BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation

KslDump — Why bring your own knife when Defender already left one in the kitchen?

Extract Windows credentials directly from VM memory snapshots and virtual disks

Bring your own Unwind Data Framework

A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

The recursive internet scanner for hackers. 🧡

OpenViking is an open-source context database designed specifically for AI Agents(such as openclaw). OpenViking unifies the management of context (memory, resources, and skills) that Agents need th…

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

Azure apim mini proxy

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

A Kerberos implementation built entirely in managed code.

An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD domain. Evades EDR detections through ADWS.

A Rust-based External C2 client and Python-based server for Cobalt Strike, using third-party / white-listed endpoint as the transport layer.

BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).

Script collection to bypass Network Access Control (NAC, 802.1x)

A tool that helps change the recovery configuration of a Windows service to make lateral movement more stealthy

Beacon Object File (BOF) to obtain Entra tokens via authcode flow.

The new sqlcmd, CLI for SQL Server and Azure SQL (winget install sqlcmd / sqlcmd create mssql / sqlcmd open ads)

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

DCE/RPC is the remote procedure call system developed for the Distributed Computing Environment (DCE).

Active Directory Authentication Library

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

A Beacon Object File (BOF) template for Visual Studio

WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations