Starred repositories
Deception implementation through analysis of BloodHound data
Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…
Lateral Movement BOF with MSI ODBC Driver Install
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …
Windows protocol library, including SMB and RPC implementations, among others.
Delete file regardless of whether the handle is used via SetFileInformationByHandle
Cobalt Strike 4.x Aggressor Script to assist the Red Team Operator with number, datetime, and data conversions/decoding.
A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread
EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.
Proof-of-concept implementation of AI-enabled postex DLLs
BOF to steal browser cookies & credentials
The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencies.
Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges
The world's smartest system-wide grammar assistant; a better version of the Apple Intelligence Writing Tools. Works on Windows, Linux, & macOS, with the free Gemini API, local LLMs, & more.
Dump Azure AD Connect credentials for Azure AD and Active Directory
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.