A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, without touching LSASS process memory.

A Rust template for writing Beacon Object Files (BOFs)

AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool

HTML parser for PEAS output with additional features

LinOTP - the open source solution for two factor authentication

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

The connected place for Windows system administration

Portable SSH Terminal (Using libssh2_esp)

A tool for hacking into publicly exposed network cameras, with support for targeting specific countries and regions, and visualizing the collected camera data on an interactive map. It also support…

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.

Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.

Detection Script for MongoBleed Exploitation

Collection of offensive security scripts

a port of unipwn onto the pineapple pager. untested!!

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Microsoft Sentinel environments.

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

AppLocker-Based EDR Neutralization

Serverless AITM Simulation Framework for Entra ID and M365

Cybersecurity oriented awesome list

Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption

Various tips & tricks

Phantom Keylogger is an advanced, stealth-enabled keystroke and visual intelligence gathering system.