Vast.ai Password Kracking

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

An eBPF-based traffic obfuscation system that try to disguises WireGuard protocol traffic to bypass DPI and government censorship

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

A productionized greedy coordinate gradient (GCG) attack tool for large language models (LLMs)

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy lea…

The repo contains a series of challenges for learning Frida for Android Exploitation.

A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.

Godot Engine – Multi-platform 2D and 3D game engine

Master programming by recreating your favorite technologies from scratch.

Linux containers from scratch in C.

Unofficial mirror of mob development branch

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Tools and Techniques for Red Team / Penetration Testing

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

Weaponized Browser-in-the-Middle (BitM) for Penetration Testers

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

BlackLotus UEFI Windows Bootkit

A modern, user friendly, generic, type-safe and fast C99 container library: String, Vector, Sorted and Unordered Map and Set, Deque, Forward List, Smart Pointers, Bitset and Random numbers.

a tool to help operate in EDRs' blind spots

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

A workshop about Malware Development

Kraken, a modular multi-language webshell coded by @secu_x11

A set of prioritized Hashcat .hcmask files intelligently developed from terabytes of password breach datasets and organized by run time.

JavaScript Style Guide

A list of Free Software network services and web applications which can be hosted on your own servers

Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.