evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

The Network Execution Tool

Python's http.server extended to include a file upload page

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Various scripts for penetration testing

Common User Passwords Profiler (CUPP)

CeWL is a Custom Word List Generator

Shared library implementations that transform the containing process into a shell when loaded (useful for privilege escalation, argument injection, file overwrites, LD_PRELOAD, etc.). This fork fix…

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

Collection of various malicious functionality to aid in malware development

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

The Leading Security Assessment Framework for Android.

The ultimate WinRM shell for hacking/pentesting

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

hydra

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

SQLAlchemy Admin for FastAPI and Starlette

Automation for internal Windows Penetrationtest / AD-Security

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

A fast TCP/UDP tunnel over HTTP

Netcat for windows 32/64 bit

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

Windows system utilities to maximize productivity

A semi-interactive PHP shell compressed into a single file.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

.NET debugger and assembly editor