Dump LSASS via physical memory read primitives in vulnerable kernel drivers

Impacket is a collection of Python classes for working with network protocols.

A comprehensive modern architecture model is proposed to integrate platform solutions and tooling to support a professional Red Team.

WMI Explorer

A PowerShell console in C/C++ with all the security features disabled

This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom tools, C2 servers, backdoors, exploitation techniques, stage…

Python scripts to convert PfSense and OPNSense firewall rules into a graphical view of the flows.

Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.

Open Source C&C Specification

Force Remove Copilot, Recall and More in Windows 11

A simple, lightweight PowerShell script to remove pre-installed apps, disable telemetry, as well as perform various other changes to customize, declutter and improve your Windows experience. Win11D…

A curated list of awesome social engineering resources.

Collection of links on bad opsec

Explanation and full RCE PoC for CVE-2025-55182

A unified, interactive CLI for remotely executing scripts, managing payloads, establishing interactive command sessions, and handling file transfers across remote environments.

↕️🤫 Stealth redirector for your red team operation security

Commandline spoofing on Windows

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

AI / LLM Red Team Field Manual & Consultant’s Handbook

Usermode exploit to bypass any AC using a 0day shatter attack.

Purple-team telemetry & simulation toolkit.

A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses …

RProxy LAB is intended solely for educational purposes and authorized security testing with EvilGinx / Modlishka / EvilPuppet e.t.c tools