The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.

A lightning-fast search engine API bringing AI-powered hybrid search to your sites and applications.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

The Network Execution Tool

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Static Application Security Testing Analyzer for JavaScript Source Code

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

A Workflow Engine for Offensive Security

🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Open device management

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Develo…

Privilege Escalation Enumeration Script for Windows

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

LD_PRELOAD rootkit

A light C# implant that bypasses Windows Firewall and Defender

A copy of my little beautiful malware I used in IRSeC 2019

Ansiblezed project to automate data acquisition (Memory and Disk) for VMware vSphere.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

ezHTB is a reconnaissance tool for HackTheBox.

Discord C2 for Redteam....Need a better name

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Impacket is a collection of Python classes for working with network protocols.