Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC

Open-source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, along with advanced troubleshooting.

A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…

Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)

Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.

Ready to go Phishing Platform

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

Zero Infrastructure Password Cracking

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Easily and securely send things from one computer to another 🐊 📦

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

File formats dissections and more...

Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)

Fluxion is a remake of linset by vk496 with enhanced functionality.

An ADCS honeypot to catch attackers in your internal network.

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics…

Polymorphic Command & Control

Multiplatform Python WebShell

The Shadow Attack Framework

Red team Interview Questions

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Dex to Java decompiler

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping