Gin is a high-performance HTTP web framework written in Go. It provides a Martini-like API but with significantly better performance—up to 40 times faster—thanks to httprouter. Gin is designed for …

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Small scripts that make life better

Flamingo captures credentials sprayed across the network by various IT and security products.

A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.

This is a simple rails project to demonstrate numerous examples of caracal behavior. Useful for testing.

NSE script based on Vulners.com API

Chameleon: A tool for evading Proxy categorisation

framework to rapidly implement custom droppers for all three major operating systems

Run PowerShell command without invoking powershell.exe

Socks proxy, and reverse socks server using powershell.

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Wiki to collect Red Team infrastructure hardening resources

PowerShell Pass The Hash Utils

The iOS Security Testing Framework

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

Incident Response Methodologies

An experimental grammar fuzzer in Haskell using QuickCheck

A PowerShell TCP/IP swiss army knife.

Search exploits in multiple exploit databases!