TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

A little tool to play with Windows security

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Small and highly portable detection tests based on MITRE's ATT&CK.

windows-kernel-exploits Windows平台提权漏洞集合

Official git repo for iodine dns tunnel

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

Iceman Fork - Proxmark3

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

A tool to dump the login password from the current linux user

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

Simple (relatively) things allowing you to dig a bit deeper than usual.

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and re…

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

LSASS memory dumper using direct system calls and API unhooking.

A tool to kill antimalware protected processes

CTF Field Guide

Dump cookies and credentials directly from Chrome/Edge process memory

Linux Binary Exploitation

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Another Windows Local Privilege Escalation from Service Account to System

A root exploit for CVE-2022-0847 (Dirty Pipe)