Stars
List the ETW provider(s) in the registration table of a process.
coffeegist / bofhound
Forked from fortalice/bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by surgically patching SeCiCallbacks via native subsystem. Inclu…
Simulate the behavior of AV/EDR for malware development training.
Arsenal is just a quick inventory and launcher for hacking programs
pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
Patchless AMSI bypass using hardware breakpoints and a vectored exception handler to intercept AmsiScanBuffer and AmsiScanString before they execute. The bypass reads the 5th parameter (the AMSI re…
Educational PowerShell-based shellcode injection library.
Cobalt-Strike / unhook-bof
Forked from rsmudge/unhook-bof
Remove API hooks from a Beacon process.
UDC2 implementation that provides an ICMP C2 channel
Collection of Beacon Object Files (BOF) for Cobalt Strike
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
A collection of (mostly) technical things every software developer should know about
Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.
Samples and Tools for Windows ML.
A pure-python fully automated and unattended fuzzing framework.
An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user in…
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…