An open-source, free protector for .NET applications

Sliver agents for Mythic

Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan in-memory .NET assembly loads. This tool unhooks that functi…

Speedy probe-based UDP service scanner

Windows remote execution multitool

A modern, fast, and pentester-friendly NFS client built for red teams, security researchers, and anyone who wants full control over remote NFS exports — without needing to mount them.

Obex – Blocking unwanted DLLs in user mode

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

Shellcode loader generator with multiples features

Weaponize DLL hijacking easily. Backdoor any function in any DLL.

The Havoc Framework

PowerShell tool to enumerate existing exclusions in Windows Defender as low privileged user

CLI tool to interact with the BloodHound CE API

Group Policy Objects manipulation and exploitation framework

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory environment.

.NET, PE, & Raw Shellcode Packer/Loader Written in Nim

A Nim implementation of reflective PE-Loading from memory

Because AV evasion should be easy.

Shellcode loader that I created to use for VulnLab's Shinra.

Domain Password Audit Tool for Pentesters

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.

A list of public penetration test reports published by several consulting firms and academic security groups.