An extremely fast Python package and project manager, written in Rust.

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

simple terminal UI for git commands

ActiveScan++ Burp Suite Plugin

Adds ability to download models from IKEA website

Azure Post Exploitation Framework

Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC

Automagically reverse-engineer REST APIs via capturing traffic

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Unlocking Serverless Computing to Assess Security Controls

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.

Install and Run Python Applications in Isolated Environments

Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"

Fuzz 401/403/404 pages for bypasses

GitHub Actions Pipeline Enumeration and Attack Tool

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

A collection of scripts for assessing Microsoft Azure security

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

Epyon is a swiss army knife tool for pentesting DevOps ecosystems.

Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps C…

Hjson, a user interface for JSON

This is to enable 60fps and GPU acceleration on RDP connection

Automagically sends IP broadcast packets to all interfaces on Windows

Re-imagining Windows like a minimal OS install, already debloated with minimal impact for most functionality.

Automatically look for paramater reflections in the HTTP response