Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.

Galago extracts encryption keys from ARM64 Android native libraries through controlled emulation.

Python tool to automatically perform SPN-less RBCD attacks.

A collection of methods to learn who the owner of an IP address is.

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

AADInternals PowerShell module for administering Azure AD and Office 365

Sysmon Config Pusher - Modernized

The open source coding agent. (Unleashed 、Removing LLM safety guardrails）

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security teste…

A self hosted virtual browser that runs in docker and uses WebRTC.

Chrome DevTools for coding agents

Reverse engineering Chase H.Q. for the ZX Spectrum

exploit for cve-2025-43529

Explanation and full RCE PoC for CVE-2025-55182

deflat plugins for ida pro

writings on anti-reverse engineering.

CVE-2025-68926 - RustFS Hardcoded gRPC Authentication Token Exploit

Title is self explaining, well theres few methods we can do to read locked file and play with it...

IDA Pro utilities from FLARE team

Wireshark plugin for dissecting the Telegram protocol

Open addressing hash map

Yet another machine learning-based WAF research

The $35 Hackable Satellite

Build AI-powered security tools. 50+ hands-on labs covering ML, LLMs, RAG, threat detection, DFIR, and red teaming. Includes Colab notebooks, Docker environment, and CTF challenges.

Shellcode injection using the Windows Debugging API

Binary analysis MCPs collections

IDA Codex MCP bridges IDA Pro 9.2 with the MCP ecosystem. It provides an IDA plugin and a stdio MCP server that expose function lists, call graphs, Hex‑Rays pseudocode, disassembly, imports/exports…