Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack, implemented in C++ and Python.

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Dominate the domain. Relay to royalty.

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

Kerberos CNAME abuse PoC

Python tool to automatically perform SPN-less RBCD attacks.

pwning IPv4 via IPv6

The DCERPC only printerbug.py version

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

A small script that automates Entra ID persistence with Windows Hello For Business key

CVE-2025-26794: Blind SQL injection in Exim 4.98 (SQLite DBM)- exploit writeup

CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati…

Intelligent automation and multi-agent orchestration for Claude Code

JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by outputting data as JSON for ingestion into BloodHound.

Testing TLS/SSL encryption anywhere on any port

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Microsoft Account Enumeration Tool

Conference presentation slides

Script to check Azure Front Door WAF for insecure RemoteAddr variable

A tool for coercing and relaying Kerberos authentication over DCOM and RPC.

The personal finance app for everyone

A library for detecting known secrets across many web frameworks

top usernames from azure survey 2025

A next-generation crawling and spidering framework.

😎🏖️🐬 Your new, 𝙧𝙞𝙙𝙤𝙣𝙠𝙪𝙡𝙞𝙘𝙞𝙤𝙪𝙨𝙡𝙮 smart clipboard manager

onedrive user enumeration - pentest tool to enumerate valid o365 users

Everything and anything related to password spraying

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Simple python tool for password spraying against a 401 endpoint (basic/ntlm) when you know a lockout policy (ie will try X number of attempts, then sleep for Y minutes)