A recursive internet scanner for hackers.

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…

Dumping DPAPI credz remotely

Sustainable shellcode evasion

Interactively authenticate to GlobalProtect VPNs that require SAML

Cobalt Strike kit for Lateral Movement

Cobalt Strike kit for Persistence

GQL Burp Extension

Notes about attacking Jenkins servers

A Tool for Domain Flyovers

Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses

Surveillance Detection Scout: Your Lookout on Autopilot

Google Search Scraper

The SpecterOps project management and reporting engine

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Convert Word documents (.docx files) to HTML

Exercises to learn how to fuzz with American Fuzzy Lop

Collection of IronPython scripts and executables for penetration testing

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

In-depth attack surface mapping and asset discovery

Find vulnerabilities in AD Group Policy

Generates x86, x64, or AMD64 x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

This script is a multi-threaded Okta password sprayer.

Domain Password Audit Tool for Pentesters

Auto Root Exploit Tool