An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

An Ansible collection that installs a SCOM deployment with optional configurations.

AirPods liberated from Apple's ecosystem.

Lab used for workshop and CTF

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Repository containing presentations given at conferences

Presentation material presented by Outflank team members at public events.

Fancy reverse and bind shell handler

Diana Credential Recovery Framework

Python based GUI for browsing LDAP

A library for detecting known secrets across many web frameworks

PoC Exploit for the NTLM reflection SMB flaw.

wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP

Akinator for SSTI

A delicious, but malicious SSL-VPN server 🌮

Hitman Codename 47 (2000) decompilation project.

SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.

OpenWrt for ZyXEL VMG8825-T50/K. The project is in the initialization phase, which wants to contribute and I welcome it. I accept pull request.

General Security Scripts

Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with a mounted windows drive.

Project for tracking publicly disclosed DLL Hijacking opportunities.

PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.

JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.

Vulnerable driver research tool, result and exploit PoCs

All the deals for InfoSec related software/tools this Black Friday

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

Dominate Active Directory with PowerShell.