Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! 🎫

C# 104 12 Updated Oct 21, 2025

dwmetz / CyberPipe

An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.

PowerShell 336 54 Updated Nov 4, 2025

Splitmark / splitmark

A lightweight CLI Markdown editor with live preview.

JavaScript 22 Updated Oct 17, 2025

cyberblu3s / CyberBlue

CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis

Shell 344 68 Updated Oct 16, 2025

MorDavid / NetworkHound

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

Python 600 65 Updated Oct 21, 2025

MatheuZSecurity / Singularity

Linux Kernel Rootkit for modern kernels (6x)

C 458 65 Updated Nov 4, 2025

droolio / snapraid-helper

PowerShell wrapper script for SnapRAID

PowerShell 28 4 Updated Aug 29, 2025

acquiredsecurity / forensic-timeliner

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…

C# 257 30 Updated Sep 3, 2025

Print3M / ByteCaster

Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)! ☢️

Go 182 27 Updated Sep 20, 2025

TwoSevenOneT / WSASS

This is the tool to dump the LSASS process on modern Windows 11

C++ 490 59 Updated Nov 1, 2025

stuxctf / PAYGoat

PAYGoat is a banking application built for educational purposes, focused on exploring and understanding common business logic flaws in financial platforms.

JavaScript 182 25 Updated Aug 5, 2025

xaitax / NTSleuth

Comprehensive Windows Syscall Extraction & Analysis Framework

C++ 150 26 Updated Aug 30, 2025

f-bader / XDRStoryParser

Visualize Microsoft Defender XDR process trees and security events

JavaScript 33 2 Updated Aug 24, 2025

synacktiv / GroupPolicyBackdoor

Group Policy Objects manipulation and exploitation framework

Python 267 27 Updated Oct 11, 2025

dmcxblue / AzureStrike

An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations

PowerShell 60 6 Updated Aug 18, 2025

google / facade

Python 132 16 Updated Aug 7, 2025

yo-yo-yo-jbo / dumping_lsass

The different ways to dump lsass

C 196 24 Updated Aug 15, 2025

zarkones / ControlSTUDIO

Adversary Simulation Framework

Go 35 7 Updated Aug 19, 2025

arosenmund / defcon33_silence_kill_edr

C++ 329 53 Updated Aug 20, 2025

bluecapesecurity / drivefs_forensic_extractor

Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.

Python 19 4 Updated May 9, 2025

0xflux / Sanctum

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Rust 445 46 Updated Oct 12, 2025

mez-0 / citadel

A Payload Analysis Framework

HTML 110 9 Updated Oct 9, 2025

pompelmi / pompelmi

free, open-source file scanner

TypeScript 297 14 Updated Nov 3, 2025

0pepsi / Linux-persistence

A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.

C 66 13 Updated Aug 6, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Andréw Hüang cowbe0x004

Achievements