The Havoc Framework

Pydoll is a library for automating chromium-based browsers without a WebDriver, offering realistic interactions.

An agent framework for Go with graph-aware memory, UTCP-native tools, and multi-agent orchestration. Built for production.

Terminal UI OS (Terminal Multiplexer)

Claude Code Skill for browser automation with Playwright. Model-invoked - Claude autonomously writes and executes custom automation for testing and validation.

A utility leveraging Windows 10+ mechanisms to intercept process creation by registering a debugger in the system registry.

Obex – Blocking unwanted DLLs in user mode

Fluently detect security measures in software.

A powerful coding agent toolkit providing semantic retrieval and editing capabilities (MCP server & other integrations)

A terminal-based SSH manager inspired by lazydocker and k9s - Written in go

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

🔢 Bits, bytes and address calculator

n³ The unorthodox terminal file manager

A proxy MCP (Model Context Protocol) server that filters the upstream tool surface to just the tools you need.

Light-weight control pane to run CLI coding agents(Claude Code, Codex) in parallel

Buttercup finds and patches software vulnerabilities

🚀 A very efficient Texas Holdem GTO solver ♠️♥️♣️♦️

Chrome Extension - Remote Script Loader (Manifest V3)

Input-output driver

Signtool for expired certificates

Vibecoded DriverView except not only view.

Powerful context menu manager for Windows File Explorer

LolDrivers Database is a project based on loldrivers.io with enhanced filtering, searching capabilities as well as a HVCI and Microsoft drivers blocklist check.

An active fork of curl-impersonate with more versions and build targets. A series of patches that make curl requests look like Chrome, Firefox and Safari.

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.

A grep-like tool which understands source code syntax and allows for manipulation in addition to search

A fast Windows emulator + debugger for reverse engineering. Runs any executable in debug mode, disassembles with Zydis, emulates instructions, and skips Windows API calls via debugger for maximum s…

A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections, and behavioral indicators.