Helm charts for running open source digital forensic tools in Kubernetes

Google Chrome forensic tool to process, analyze and visualize browsing artifacts

mTLS-Encrypted Back-Connect SOCKS5 Proxy

面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams

Backdoor Visual Studio project files with custom shellcode, which executes whenever the project is opened or built.

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…

15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.

Repository hosting the bluehammer vulnerability

Multiplatform MEMORY.DMP analysis tool with a WinDbg flavor

NTP Exfiltration Tool

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Collected && Written N day Vulns for study purpose only

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

A collection of threat hunting and detection engineering Jupyter notebooks accompanying the Weekly Purple Team YouTube channel. Each notebook provides detection logic to help security professionals…

A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself

Poseidon is a Golang agent targeting Linux and macOS

A stealthier approach to WMI-based command execution using Impacket without touching the disk.

Encodes arbitrary data into one or more QR code PNGs and decodes them back as a form of steganography for data obfuscation.

My personal notes for OSCP

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.

C2-下一代RAT

Reflective PE packer.

C2/post-exploitation framework

Generate malware with AI

A proof-of-concept malicious Chrome extension

Reflective PE loader for DLL injection

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.