Stars
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.
An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.
Network monitoring tool that maps process-to-network connections, identifies cloud providers, and detects beaconing activity. Zero-flag agent binary for deployment, aggregation server, offline ASN …
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, DeepSeek, and more. Simple declarative configs with command li…
Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations se…
Serverless AITM Simulation Framework for Entra ID and M365
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…
Cybersecurity AI (CAI), the framework for AI Security
BOF to run PE in Cobalt Strike Beacon without console creation
Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …
EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.
Weaponize DLL hijacking easily. Backdoor any function in any DLL.
Group Policy Objects manipulation and exploitation framework
A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.
Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structured intelligence. Using the DeepSeek LLM, it extracts MITRE AT…
Weaponizing DCOM for NTLM Authentication Coercions
A powerful, modular, lightweight and efficient command & control framework written in Nim.
AdaptixC2 is a highly modular advanced redteam toolkit
🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
Assortment of scripts and tools for our Blackhat EU 2024 talk
xforcered / SoaPy
Forked from logangoins/SOAPySoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.