Real fucking shellcode encryptor & obfuscator tool

A tool for generating fake code signing certificates or signing real ones

jid on jq - interactive JSON query tool using jq expressions

Tool for building Kubernetes attack paths

Show who has RBAC permissions to perform actions on different resources in Kubernetes

Extract endpoints from APK files

Open Source Package Analysis

EXOCET - AV-evading, undetectable, payload delivery tool

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security teste…

Because AV evasion should be easy.

kube-scan: Octarine k8s cluster risk assessment tool

A tool for IDN homograph attacks and detection.

C2 infrastructure over Microsoft Teams.

↕️🤫 Stealth redirector for your red team operation security

framework to rapidly implement custom droppers for all three major operating systems

A rapid API for the Project Sonar dataset

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…

An Office365 User Attack Tool

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or…

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educati…

shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.

Golang client for querying SecurityTrails API data

Protected Process Dumper Tool

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent

Tool and policy library for reviewing Google Kubernetes Engine clusters against best practices

Tool to remotely dump secrets from the Windows registry

Discover new target domains using Content Security Policy

mTLS-Encrypted Back-Connect SOCKS5 Proxy

nextnet is a pivot point discovery tool written in Go.