⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Build GUI for your Python program with JavaScript, HTML, and CSS

The swiss army knife of lossless video/audio editing

An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.

🔪 Scan memory for secrets and more. Maybe eventually a full /proc toolkit.

winlibs standalone build of GCC compiler and MinGW-w64

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

Harvest passwords automatically from OpenSSH server

🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

Automatic SQL injection and database takeover tool

Stealing Signatures and Making One Invalid Signature at a Time

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A light-weight first-stage C2 implant written in Nim (and Rust).

Cacti ™

A swiss army knife for pentesting networks

A workshop about Malware Development

Nim-based assembly packer and shellcode loader for opsec & profit

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

This repo covers some code execution and AV Evasion methods for Macros in Office documents

A modern 64-bit position independent implant template

UAC bypass by abusing RPC and debug objects.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Simple reverse ICMP shell

Customizable Windows terminal with tabs, splits, quake-style, hotkeys and more

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Lovely console emulator package for Windows