MemProcFS

A OS X crypto ransomware PoC

Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

a small wiper malware programmed in c#

Weaponized HellsGate/SigFlip

hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols

C# Data Collector for BloodHound

exploit for CVE-2022-2588

Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external debug info.

The Havoc Framework

Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder".

Protect yourself from being tracked 🌍 by AirTags 🏷 and Find My accessories 📍

Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX — covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory gradi…

A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and r…

A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS accounts.

This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

Harness the power of Splunk for your investigations

Digging Deeper....

Rust tool to detect cell site simulators on an orbic mobile hotspot

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Mignis is a semantic based tool for firewall configuration.

NullKia Mobile Security Framework - Tools in Nim, Crystal, V, D, Red, Odin, Haxe, Zig, Kotlin, Lua, PHP, Python | bad-antics | github.com/bad-antics

Security training for the apps you actually ship. Open your browser and start hacking.

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.

Threat Intel Platform for T-POTs

for bones that are too dense