A tool for folks who `git clone` first and ask questions later

A Sliver C2 modification utility that enhances operational stealth by renaming protobuf definitions, regenerating protocol buffers, updating Go references, and resolving method call collisions. Des…

Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"

CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis

Latest CVEs with their Proof of Concept exploits.

Active Directory Integrated DNS dumping by any authenticated user

Fixed 2025 version of Mega Dumper with 64 bit and generic PE support. It can solve Enigma Latest (7.90)

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

AuditKit - Multi-Cloud Compliance Scanner & Evidence Collection

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

Open source image background removal model

A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.

Adobe Experience Manager (AEM) hacking toolkit

SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments

A cross-platform network monitoring terminal UI tool built with Rust.

load shellcode without P/D Invoke and VirtualProtect call.

Firebase Misconfiguration Detection Toolkit - To be presented at Blackhat EU Arsenal

Living Under the Land on Linux ~ BSides Belfast 2025

Toolkit to turn Chromium vulnerabilities into full-chain exploits

AI agent whose purpose is to conduct vulnerability tests on LLMs from SAP AI Core or from local deployments, or models from HuggingFace. The goal of this project is to identify and correct any pote…

Open-source AI hackers to find and fix your app’s vulnerabilities

Hide your scrapers IP behind the cloud. Provision proxy servers across different cloud providers to improve your scraping success.

This is the tool to dump the LSASS process on modern Windows 11