Tools and Techniques for Red Team / Penetration Testing

Collection of Cyber Threat Intelligence sources from the deep and dark web

Windows User-Mode Shellcode Development Framework (WUMSDF)

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

🔄 A simple tool to backup and sync your git repositories

侦查守卫(observer_ward)Web应用和服务指纹识别工具

Scan for sensitive information easily and effectively.

A high-performance http proxy tunneling tool

Testing TLS/SSL encryption anywhere on any port

The Network Execution Tool

NocoBase is the most extensible AI-powered no-code/low-code platform for building business applications and enterprise solutions.

Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation

A simple, lightweight PowerShell script to remove pre-installed apps, disable telemetry, as well as perform various other changes to customize, declutter and improve your Windows experience. Win11D…

Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool

a BOF implementation of various registry persistence methods

Identify Azure AD resources that issue tokens without MFA enforcement using the ROPC grant flow.

EDR-Redir : a tool used to redirect the EDR's folder to another location.

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses …

This is the tool to dump the LSASS process on modern Windows 11

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads

Go 代码混淆工具，使用 AST (抽象语法树) 技术实现跨文件的代码混淆，同时保证混淆后的代码可编译和可执行。

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! 🎫

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Dump cookies directly from Chrome process memory

Step-by-step documentation on how to decrypt SCCM database secrets offline

Pentester's Promiscuous Notebook

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.