CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Adversary tradecraft detection, protection, and hunting

Shellcode loader

AutoAR is a comprehensive web-based security scanning and vulnerability management platform that automates the process of reconnaissance and vulnerability assessment across multiple domains.

windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported com…

Collect Windows telemetry for Maldev

x86 packer in masm, process hollowing, remapping ntdll

The Project Show us, How we can leverage Powershell script automation to collect artifacts and create work efficient. The motive of this Project is to reduce manual efforts and increase productivity.

Abusing Intune for Lateral Movement over C2

Active Directory Enumeration & Exploitation Tool

A universal binary patching dll.

Generate a proxy dll for arbitrary dll

A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

A cheat sheet for CrackMapExec and NetExec

This program show you IMSI numbers of cellphones around you.

This repo contains some Amsi Bypass methods i found on different Blog Posts.

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Okta Verify and Okta FastPass Abuse Tool

A GUI and CLI tool for removing bloat from executables

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

A python Flask app that generates dynamic DTDs for easy out-of-band data exfiltration.

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

Cobaltstrike UDRL with memory evasion

A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into ope…

A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.

This repository contains dotNet tools to address dotNet binary bloat.