This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.

A flexible playground for Android CTF challenges.

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

The Bug Hunters Methodology

APTnotes data

A sample bot for Cobalt Strike 3

Scripts for automating actions in Cobalt Strike

Some useful scripts for CobaltStrike

Aggressor scripts I've made for Cobalt Strike

Empire is a PowerShell and Python post-exploitation agent.

Cheat sheets for various projects.

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

Automated installation of the Microsoft IE App Compat virtual machines

Web Filter External Enumeration Tool (WebFEET)

USB Impersonator

Various public documents, whitepapers and articles about APT campaigns

Client/server scripts designed to test outbound (egress) firewall rules.

git-cola: The highly caffeinated Git GUI

Fast and powerful SSL/TLS scanning library.

A client compatible with Metasploit's staging protocol

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.