ADE: automates Active Directory enumeration for labs (Hack The Box, Hack Smarter, TryHackMe, Proving Grounds) and exam prep (OSCP, CPTS).

OSCP Cheat Sheet

fully accessible cross-browser HTML5 media player.

Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence

A lightweight tool for deploying and managing containerised applications across a network of Docker hosts. Bridging the gap between Docker and Kubernetes ✨

Helm charts for running open source digital forensic tools in Kubernetes

Detonate malware on VMs and get logs & detection status

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

Bluesky PDS (Personal Data Server) container image, compose file, and documentation

Distributed malware processing framework based on Python, Redis and S3.

Research PoC demonstrating Linux Kernel hooking plus defences.

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…

Enumerate active EDR's on the system

A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.

A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS accounts.

A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.

Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act on them: block, reroute, tarpit, or deceive in real time.

Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).

Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit

Certified Red Team Operator (CRTO) Cheatsheet and Checklist

An automated NMAP python script

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

Repository containing all training and tutorials completed in preparation for the OSEE in conjunction with the AWE course.

Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges

SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.

Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.

C2 writen in Rust & Go powered by Tor network.