Starred repositories
A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.
Agentic AI tool for offensive security and pentesting
An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard history.
Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
Open Source Intelligence Interface for Deep Web Scraping
Another meterpreter injection technique using C# that attempts to bypass Defender
Sleep obfuscation proof of concept using Tp* WINAPI functions
Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …
PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin
JWT Auditor – Analyze, break, and understand your tokens like a pro.
Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace.
Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty
Shellcode injection using the Windows Debugging API
Run shellcode through InnoSetup code engine.
Find XSS payloads that actually work by filtering them based on real-world constraints instead of blind payload spraying.
Advanced Windows authentication token extraction and decryption tool for red team operations and security research
Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks
A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.
"Web-Cache-Deception-Scanner" Extension for BurpSuite
NewCobaltstrikeTeamServer is a project that attempts to rewrite the Cobalt Strike server in Go. It is currently under development and is the product of a learning exercise.
NeuroSploitv2 is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large langua…
Convert malicious shellcode .bin files to emoji strings for obfuscation
sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux
Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!