Starred repositories
GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
Weaponize DLL hijacking easily. Backdoor any function in any DLL.
This is a repository to experiment with MCP for security
A Binary Ninja plugin containing an MCP server that enables seamless integration with your favorite LLM/MCP client.
A Model Context Protocol (MCP) server for querying the VirusTotal API.
MCP server for interacting with EntraID through Microsoft Graph API.
Claude MCP server to perform analysis on ROADrecon data
A tool that is used to hunt vulnerabilities in x64 WDM drivers
A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.
A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.
Autoswagger by Intruder - detect API auth weaknesses
Create Entra Global Admin accounts from On-Prem
Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
Curated list of projects, articles and more related to Offensive Security and Red Teaming. Completely written in Rust.
A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAPI for various operations.
LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and indirect NTAPIs for core operations.
Porting Windows Dynamic Link Libraries to Linux
Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block
Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration).
Simple Docker Compose NAS featuring Sonarr, Radarr, Prowlarr, Jellyfin, qBittorrent, PIA VPN and Traefik with SSL support
A markdown compatible Golang blogging platform I use for my own blog
Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.
Clipboard HexDumper is a command-line tool that allows you to read binary data of a file on disk, convert it to a hex dump or a base64 encoded string, and copy it to the clipboard.
A list of my PowerShell scripts, commands and blogs for Windows red teaming.
Homebrew formulae to build Zathura on Mac OS X