Your personal 'Mini Shodan'. A high-performance network reconnaissance engine designed for massive scale asset discovery. Specializes in identifying unsecured services (Open RTSP Cameras, No-Auth V…

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer

Powershell tool to automate Active Directory enumeration.

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

Collection of PoC and offensive techniques used by the BlackArrow Red Team

HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.

Apply a divide and conquer approach to bypass EDRs

NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls

🎓 Path to a free self-taught education in Computer Science!

MSMQ security analysis tool

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A list of private and public (more or less) blackhat boards

Quick and dirty dynamic redirect.rules generator

Win 10 Powershell Script to tweak and change windows settings

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Random repo of machine learning ideas orchestrated in python

This is an implementation of a native-code Meterpreter, designed for portability, embeddability, and low resource utilization.

Unified repository for different Metasploit Framework payloads

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Six Degrees of Domain Admin

The ultimate Vim configuration (vimrc)

libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.7 up to 3.8. It's wonderful.