A Mythic C2 Profile that uses AWS S3 for command and control communication with per-execution credential isolation.

Tailscale/Headscale C2 profile and agent for Mythic

NetBird mesh VPN C2 profile and Stymphalian demo agent for Mythic

IOGPUFamily bitmap_mask underflow → kernel heap OOB write. First public PoC. Original discovery by Wang Yu of Cyberserval.

KslDump — Why bring your own knife when Defender already left one in the kitchen?

Security scanner for AI agents, MCP servers and agent skills.

Agentic malware analysis environment with MCP-connected disassemblers, RE tooling, and structured workflows for Claude Code and Codex CLI.

An S3 account ID enumeration and bucket discovery tool

Workshop on firmware reverse engineering

PDF MCP server with image rendering capabilities. Useful for automatically searching datasheets, manuals, etc...

Successor of Undetected-Chromedriver. Providing a blazing fast framework for web automation, webscraping, bots and any other creative ideas which are normally hindered by annoying anti bot systems …

A tool to automate MS Direct Send emails

Extract Windows credentials directly from VM memory snapshots and virtual disks

Xalgorix - The Most Powerful Open-Source AI Pentesting Agent

Damn Vulnerable MCP Server Project

**SPiCa** (System Process Integrity & Cross-view Analysis) is an eBPF-based rootkit detection engine written in Rust. It utilizes a "Binary Star" architecture to detect process masquerading and "Gh…

ADFT v1.0 --- Active Directory Forensic Toolkit

Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs

The All in One Framework to Build Undefeatable Scrapers

Automatic Microsoft 365 Documentation to simplify the life of admins and consultants.

A collection of practical SOC investigation playbooks for common security alerts including brute-force attacks, phishing incidents, suspicious PowerShell activity, and potential data exfiltration.

A collection of PowerShell scripts for analyzing macOS Forensic Artifacts

AI-Powered Active Directory Attack Platform

A Windows kernel driver viewer and manager built in Rust — real-time enumeration, signature verification, SCM operations, and multi-format exports with a modern dark-themed GUI.

Here is some resources about macOS/iOS system security.