FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading

A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader

Dll that can be used for side loading and other attack vector.

Introducing the Ransomware Builder – an educational tool with a sleek, modern GUI that makes it easy for anyone to create their own ransomware. Perfect for learning and awareness, our user-friendly…

Process injection alternative

Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers

Using LNK files and user input simulation to start processes under explorer.exe

Cobalt Strike BOF that Add a user to localgroup by samr

The Never-Ending Hide and Seek: The Tale of APTX4869 Rootkit

Bypass LSA protection using the BYODLL technique

AV/EDR killer using BYOVD technique

DeimosC2 is a Golang command and control framework for post-exploitation.

Write-ups and proof of concepts of design and implementaion of various modern malwares.

A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …

SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Another webui for youtube-dl powered by Flask.

Fully featured and community-driven hacking environment

A cross-platform rust no-std library for verifying and extracting signature information from PE files.

NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support

This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian

Brand new TTS solution

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …

Modular Enumeration and Password Spraying Framework

A sound cloning tool with a web interface, using your voice or any sound to record audio / 一个带web界面的声音克隆工具，使用你的音色或任意声音来录制音频

Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines

Phishing with a fake reCAPTCHA