Find phishing kits which use your brand/organization's files and image.

A post-exploitation powershell tool for extracting juicy info from memory.

IP lookup by favicon using Shodan

The SSH Multiplex Backdoor Tool

Fetch libc and parse libc.so automatically

Python interface for the unpac.me binary unpacking service

PSAmsi is a tool for auditing and defeating AMSI signatures.

Mass scan IPs for vulnerable services

Tool that converts All of libc to signatures for IDA Pro FLIRT Plugin. and utility make sig with FLAIR easily

Drone pentesting framework console

Stealthy backdoor for Windows operating systems

A kernel rootkit with remote command and control interface for windows

Shim database persistence (Fin7 TTP)

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.

Source code about machine learning and security.

AV/EDR evasion via direct system calls.

Open source pre-operation C2 server based on python and powershell

C# Script used for Red Team

A Telegram Mass Surveillance Bot in Python

A series of mini-projects used to learn C for beginners

Scripts I used during CTP

Enumerate information from NTLM authentication enabled web endpoints 🔎

Generate pentest reports based on github issues.

Extract credentials from lsass remotely

Convert Fortigates "diagnose sniffer" output to pcap files

Inject .Net payloads into other .Net assemblies on disk

A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.

A tool for collecting compromised email address