Concourse is a container-based continuous thing-doer written in Go and Elm.

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Obfuscate Go builds

Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego

My experiments in weaponizing Nim (https://nim-lang.org/)

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

Etherpad: A modern really-real-time collaborative document editor.

log4j2 rce、poc

A distributed nmap / masscan scanning framework complete with scan scheduling, engine pooling, subsequent scan port diff-ing, and an API client for automation workflows.

AV/EDR evasion via direct system calls.

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

Code samples for No Starch Press Black Hat Go

Collection of docker oneliners to save time when compiling/running projects for security research & development.

Simple script that checks a domain for email protections

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogunlab).

Password attacks and MFA validation against various endpoints in Azure and Office 365

Squid Web Proxy Cache

Tools for securely clearing and validating iOS application memory