Stars
Curated list of public Beacon Object Files (BOFs) built in as submodules for easy cloning
Transform Python source code into its most compact representation
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
A delicious, but malicious SSL-VPN server 🌮
The easiest, most secure way to use WireGuard and 2FA.
An open source, self-hosted implementation of the Tailscale control server
An open-source Windows Defender manager. Now you can disable Windows Defender permanently.
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…
Open-source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
Extract and execute a PE embedded within a PNG file using an LNK file.
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callb…
lsassdump via RtlCreateProcessReflection and NanoDump
PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate the NT AUTHORITY/SYSTEM user and execute commands or launch …
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…
Leverage WindowsApp createdump tool to obtain an lsass dump
This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository…
Make BASH stealthy and hacker friendly with lots of bash functions
A resource containing all the tools each ransomware gang uses
Self-deployable file hosting service for red teamers, allowing them to easily upload and share payloads over HTTP and WebDAV.
A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, function hooking or Import Address Table (IAT) modification.