PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads

PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.

Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By following this approach, a security researcher will hopeful…

A tool to play with scheduled tasks on Windows, in Rust

Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

Stealthily inject shellcode into an executable

A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.

Dynamic shellcode loader with sophisticated evasion capabilities

The best ChatGPT that $100 can buy.

Linux Kernel Rootkit for modern kernels (6x)

🚀🚀 「大模型」2小时完全从0训练26M的小参数GPT！🌏 Train a 26M-parameter GPT from scratch in just 2h!

Terminal session recorder, streamer and player 📹

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

Sliver Extension to monitor target's screen and automatically grab QRCodes displayed during MFA enrollement

A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec

Payload execution research tool leveraging the Windows Atom Table — for authorized red teaming and security research only.

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Automated environment setup for Bootkit & Rootkit development.

A curated compilation of extensive resources dedicated to bootkit and rootkit development.

Windows Kernel Rootkit

Windows UEFI Bootkit

TypeScript/JavaScript client libraries for Sliver

A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely

C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.