AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)

A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.

Model Context Protocol for WinDBG

Simple (relatively) things allowing you to dig a bit deeper than usual.

Title is self explaining, well theres few methods we can do to read locked file and play with it...

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

Check if an email address exists without sending any email, written in Rust. Comes with a ⚙️ HTTP backend.

WMI Explorer

Exploring RPC interfaces on Windows

Set of tools to analyze Windows sandboxes for exposed attack surface.

A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

A tool that shows detailed information about named pipes in Windows

An open-source, cross-platform terminal for seamless workflows

Force Remove Copilot, Recall and More in Windows 11

A secure, efficient TCP/UDP tunneling solution that delivers fast, reliable access across network restrictions using pre-established TCP/QUIC/WebSocket or HTTP/2 connections.

Free, open source and cross-platform app to decrypt, read and view the Whatsapp msgstore.db database

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

MCP Server for Ghidra

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Zyrox: LLVM based, compile-time obfuscator plugin.

Windows Session Hijacking via COM

This repository consists of extensions, that hacktron uses to execute specific workflows in CLI.

Rust-powered HTTP Request Smuggling Scanner.

NeuroSploit is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large language…

Advanced LLM-powered brute-force tool combining AI intelligence with automated login attacks

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

Orsted C2 Framework

Integrate LLM models directly into Ghidra for automated code refactoring and analysis.