A workshop about Malware Development

Alternative Shellcode Execution Via Callbacks

Python, C++ and Go

User enumeration with Microsoft Teams API

A tool for generating fake code signing certificates or signing real ones

Enumerate and disable common sources of telemetry used by AV/EDR.

Organized list of my malware development resources

A bunch of my exploit development helper tools, collected in one place.

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Powerful yet simple to use screenshot software 🖥️ 📸

A tool for checking if MFA is enabled on multiple Microsoft Services

Data exfiltration over DNS request covert channel

Windows / Linux Local Privilege Escalation Workshop

AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.

Adversary Tactics - PowerShell Training

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Tool for password spraying RDP

Six Degrees of Domain Admin

List of Awesome Red Teaming Resources

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Attack and defend active directory using modern post exploitation adversary tradecraft activity

Hide your Powershell script in plain sight. Bypass all Powershell security features

The goal of this repository is to document the most common techniques to bypass AppLocker.

The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.

PACK (Password Analysis and Cracking Kit)

Small and highly portable detection tests based on MITRE's ATT&CK.