Awesome EDR Bypass Resources For Ethical Hacking

evilwaf is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

A collection of CVEs weaponized by ransomware operators

Ludus FastMCP enables AI-powered management of Ludus cyber ranges through natural language commands. The server exposes **157 tools** across 15 modules for range lifecycle management, scenario depl…

AI-powered Windows Event Log analyzer that learns from your feedback. Uses Claude AI with RAG to detect suspicious activity, improve accuracy over time, and share learnings across your team. CLI an…

Sharp Monocular View Synthesis in Less Than a Second

A Windows tool that converts LDIF files to BloodHound CE

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

Create pretty screenshots of your requests and response right into Caido

This C# tool sprays for admin access over the entire domain

ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

Proof of concept for CVE-2025-13780

CVE-2025-59501 POC code

React Shell & Next.js RSC Exploit Tool (CVE-2025-55182)

In Browser PostgreSQL Playground, no server, just client and pglite (postgresql wasm)

TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.

🤖 LLM-powered agent for automated Google Dorking in bug hunting & pentesting.

Windows Session Hijacking via COM

Fairy Law - Compromise or disable EDR security solutions

A simple Bash script to discover all domains associated with a specific Microsoft 365 tenant - new replacement for check_mdi

Decrypt Veeam database passwords

Finally a Fabioulous & Fast Fuzzy File Finder for neovim

Using Chromium-based browsers as a proxy for C2 traffic.

HacxGPT An advanced AI framework, engineered to explore the frontiers of language model interactions. Designed to provide powerful, unrestricted, and seamless AI-driven conversations.

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…

↕️🤫 Stealth redirector for your red team operation security

Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.

Ludus role for deploying a Mythic Teamserver onto Linux servers

UAC Bypass using UIAccess program QuickAssist