RISC-V Virtual Machine

MAPS cloud scanner and response parser for Microsoft Defender research.

VDM sig bypass and additional WinAPI stubs

The MAGIC tool is a wrapper around the Microsoft Graph Python SDK, designed to download incident response-relevant data from M365 environments.

BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.

Proxifier Alternative to redirect any Windows/MacOS/Linux TCP and UDP traffic to HTTP/Socks5 proxy

A delicious, but malicious SSL-VPN server 🌮

Python3 rewrite of AsOutsider features of AADInternals

Remote CLI tools at your fingertips

Weaponize DLL hijacking easily. Backdoor any function in any DLL.

Python alternative to Mimikatz lsadump::dcshadow

Lateral movement with DCOM DLL hijacking

Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking

A community-supported supercharged document management system: scan, index and archive all your documents

The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning

Execute commands interactively on remote Windows machines using the WinRM protocol (just faster)

A terminal workspace with batteries included

Tailscale Docker Proxy

SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.

Local SYSTEM auth trigger for relaying - X

unleashed ffuf

Bitpixie exploitation PoC

AWS Attack Path Management Tool - Walking on the Moon

An extremely fast Python package and project manager, written in Rust.

Script collection to bypass Network Access Control (NAC, 802.1x)

Library of 40+ independent Lua modules improving Neovim experience with minimal effort

The neovim tabline plugin.