Weaponize DLL hijacking easily. Backdoor any function in any DLL.

PIC shellcode (C/C++) development toolkit designed for malware developers.

transform your payload into ipv4/ipv6/mac arrays

Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)! ☢️

The ultimate crawler designed for lightning-fast recursive URL scraping.

My shellcodes (or shellcodish-things) written for educational purpose in NASM assembly.

Custom Google search engine dedicated to IT security & hacking stuff. Over 240 high-quality sources.

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be u…

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it w…

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and th…

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

🔯 Modern, batteries-included Hugo theme for creating beautiful doc, blog and static websites

在xxe中使用smb外带多行内容

一个专注于 Java Web 特性、配置和 Trick 的安全谜题集合

ASP & ASP.NET WebShell Bypass

利用代理驱动绕过JDBC Attack检测

Java bytecode line number restoration tool

A WinDbg extension to trace COM interactions

Reverse Engineering: Decompiling Binary Code with Large Language Models

A security auditor for Tailscale configurations. Scans your tailnet for misconfigurations, overly permissive access controls, and security best practice violations.

A simple C implementation to decoded your shellcode and writes it directly to memory

Static code analysis tool based on Elasticsearch

A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.

Find Microsoft Exchange instance for a given domain and identify the exact version

Simple and lazy script to request tokens from Microsoft using Device Code Flow

Web-based tool to generate and validate Malicious Jinja2 expression to use in offensive operations

PoC for generating an APPWIZ.cpl module designed to be loaded by Fondue.exe LOLBin

This is the leaked source code of Windows Server 2003

PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin

This proof-of-concept project demonstrates starting processes under different parent processes in Windows using simulated keystrokes.