An offensive data enrichment pipeline

Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.

Damn Vulnerable MCP Server

This is the tool to dump the LSASS process on modern Windows 11

LLM-based automated patch diffing

Decompiler written in Rust

Tool to enumerate privileged Scheduled Tasks on Remote Systems

A collection of proof-of-concept exploit scripts written by the STAR Labs team for various CVEs that they discovered or found by others.

A simple go Proof of Concept to start a new shell as TrustedInstaller

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

基于golang实现的impacket

A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active Directory

A cross platform library to write offensive and defensive security tools in Go

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.

Privilege Escalation Enumeration Script for Windows

windows-kernel-exploits Windows平台提权漏洞集合

Red Teaming for AI and Cloud

Kill Zscaler without password or jail Zscaler in a virtual machine

C2 writen in Rust & Go powered by Tor network.

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techniques

🦀 Small exercises to get you used to reading and writing Rust code!