HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Collection of publicly available IPTV channels from all over the world

Complete list of LPE exploits for Windows (starting from 2023)

A collection of Azure AD/Entra tools for offensive and defensive security purposes

This is a multi-use bash script for Linux systems to audit wireless networks.

Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)

PoCs and tools for investigation of Windows process execution techniques

Adversary Emulation Framework

This is the tool to dump the LSASS process on modern Windows 11

Identify privilege escalation paths within and across different clouds

A .NET Framework 4.0 Windows Agent

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, inst…

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

EDR Lab for Experimentation Purposes

Situational Awareness commands implemented using Beacon Object Files

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

Simple (relatively) things allowing you to dig a bit deeper than usual.

A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.

Obfuscate Go builds

A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Fake API Server for AI-Bypass

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

The ultimate WinRM shell for hacking/pentesting

KittyLoader is a highly evasive loader written in C / Assembly