SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

Mobile application for Audiobookshelf

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

Windows protocol library, including SMB and RPC implementations, among others.

365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.

IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare

Obex – Blocking unwanted DLLs in user mode

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

Weaponize DLL hijacking easily. Backdoor any function in any DLL.

Bypass user-land hooks by syscall tampering via the Trap Flag

The Fully Customizable Desktop Environment for Windows 10/11.

Group Policy Objects manipulation and exploitation framework

A hoontr must hoont

List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.

AzureAD beacon object files

Evasive Payload Delivery Server & C2 Redirector

C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, pivot and more.

PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph

Seamless remote browser session control

SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…

Code execution/injection technique using DLL PEB module structure manipulation

Reflective shellcode loaderwith advanced call stack spoofing and .NET support.

Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …

Silently Install Chrome Extension For Persistence

This code silently installs Chrome extensions on Mac, Windows, and Linux

Library of BOFs to interact with SQL servers

Dump cookies and credentials directly from Chrome/Edge process memory