Self-contained script for cleaning forensic traces on Linux, macOS, and Windows.

Agent for AdaptixC2 with focus in evasion, capability and malleable.

Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! 🎫

Exhaustive search and flexible filtering of Active Directory ACEs.

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solu…

Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies

A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications. This can be done without requiring access to SCCM server.

A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.

The Open Source Alternative to Cluely - A lightning-fast, privacy-first AI assistant that works seamlessly during meetings, interviews, and conversations without anyone knowing. Built with Tauri fo…

Digital Mind Extension

burp collaborator server in docker

A delicious, but malicious SSL-VPN server 🌮

unleashed ffuf

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the …

Flutter Mobile Application Reverse Engineering Tool

A sandbox environment designed for loading, running and profiling a wide range of files, including machine learning models, ELFs, Pickle, Javascript and more

PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).

An open-source, self-hosted note-taking service. Your thoughts, your data, your control — no tracking, no ads, no subscription fees.

入侵痕迹清理/Cleaning up traces of intrusion

NTLM relaying for Windows made easy

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

Arc is a customized Redpill Loader for DSM 7.x (Xpenology) with enhanced hardwaresupport, addons, guided (semi-automated) installation and more. Multiple customization options are built-in. It is m…

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5