An x64 shared object injector for Linux

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

BOF to decrypt Signal Desktop chat logs

OT SIEM Lab for ICS networks.

Active Directory Authentication Library

SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.

system call hook for Linux

Loading BOF & ShellCode without executable permission memory.

Elastic Security detection content for Endpoint

Generic PE loader for fast prototyping evasion techniques

Wireshark for Docker containers

A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from …

Generate and Manage KeyCredentialLinks

Your Skyfall Infrastructure Pack

Parser and reconciliation tooling for large Active Directory environments.

Tool for viewing NTDS.dit

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis

C2-下一代RAT

Tamper Active Directory user attributes to collect their hashes with MS-SNTP

Compiler for the C3 language

Our Tips&Tricks

Open Source Identity and Access Management For Modern Applications and Services

A small script that automates Entra ID persistence with Windows Hello For Business key

Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options