15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.

OWASP Autonomous Penetration Testing Standard

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…

Another FAFO project: Weaponizing MSI installers for fileless code execution

Repository hosting the bluehammer vulnerability

RAG pipeline security testing toolkit - 27 techniques across 6 kill chain phases, mapped to MITRE ATLAS

This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those ded…

SilentChrome-BOF is a BOF (Beacon Object File) that silently installs a browser extension into Chrome or Edge by modifying the Preferences and Secure Preferences files directly.

Example extensions for CrystalC2

Free educational content on reverse engineering and malware analysis from the FLARE team

InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

NetBird mesh VPN C2 profile and Stymphalian demo agent for Mythic

Tailscale/Headscale C2 profile and agent for Mythic

A Mythic C2 Profile that uses AWS S3 for command and control communication with per-execution credential isolation.

Golang Automation Framework for Cobalt Strike using the Rest API

Extract Windows credentials directly from VM memory snapshots and virtual disks

The world's first agentic reverse engineer.

Active Directory Vulnerability Scanner

Lab4PurpleSec is a modular Purple Team homelab combining a vulnerable Active Directory environment (GOAD), a Docker-based web DMZ, pfSense + Suricata, and a Wazuh SIEM. It provides a realistic, ope…

A BloodHound collector written in Go that discovers Linux and SSH attack paths. Outputs OpenGraph JSON and integrates with existing SharpHound and AzureHound data.

Run TTPs, with AI!

MLOps Attack Toolkit in Python

A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, without touching LSASS process memory.

PowerShell implementation for AD CS