An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard history.

Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.

winapp, the Windows App Development CLI, is a single command-line interface for managing Windows SDKs, packaging, generating app identity, manifests, certificates, and using build tools with any ap…

Using Chromium-based browsers as a proxy for C2 traffic.

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

Mobile application for Audiobookshelf

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

Windows protocol library, including SMB and RPC implementations, among others.

365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.

IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare

Obex – Blocking unwanted DLLs in user mode

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

Weaponize DLL hijacking easily. Backdoor any function in any DLL.

Bypass user-land hooks by syscall tampering via the Trap Flag

The Fully Customizable Desktop Environment for Windows 10/11.

Group Policy Objects manipulation and exploitation framework

A hoontr must hoont

List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.

Evasive Payload Delivery Server & C2 Redirector

C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, pivot and more.

PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph

Seamless remote browser session control

SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…

Code execution/injection technique using DLL PEB module structure manipulation

Reflective shellcode loaderwith advanced call stack spoofing and .NET support.