HiddenVM — Use any desktop OS without leaving a trace.

Go编写的多人运动渗透测试图形化框架、支持lua插件扩展、自定义多个模块、自定义shellcode、文件管理、进程管理、内存加载、反向代理等功能

Spoofing desktop login applications with WinForms and WPF

Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Azure Data Exporter for BloodHound

Linux network and security sandbox with support for kernel exploit protection as well as VPN and proxy chaining

绕过AV/EDR的代码例子（Code example to bypass AV/EDR）

Azure JWT Token Manipulation Toolset

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Windows GUI Client for Tor Expert Bundle

A light-weight first-stage C2 implant written in Nim.

HVNC for Cobalt Strike

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)

The Havoc Framework

Online hash checker for Virustotal and other services

EMBA - The firmware security analyzer

evilginx2 + gophish

Abusing Github API to host our C2 traffic, usefull for bypassing blocking firewall rules if github is in the target white list , and in case you don't have C2 infrastructure , now you have a free one

Adversary Emulation Framework

Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation