🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for m…

PassFiltEx. An Active Directory Password Filter.

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

Wordlist to crack .zip-file password

A very simple Internet Relay Chat (IRC) server

iOS Logs, Events, And Plist Parser

[Archived] open-source USB analyzer toolkit with support for a variety of capture hardware

Java RMI Vulnerability Scanner

The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the pro…

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

Lists of .NET Deobfuscator and Unpacker (Open Source)

evtxview is a GUI viewer for Microsoft Windows evtx files (Windows event logs). I'm hacking this tiny tool because I need such a tool in most forensic investigations.

Collection of command line tools to correlate windows event logs. This set of tools is aimed to be used at forensic investigations.

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

IoTGoat is a deliberately insecure firmware based on OpenWrt.

NetRipper - Smart traffic sniffing for penetration testers

Modern Memory Safety in C/C++

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

Qiling Advanced Binary Emulation framework

Decrypt HTTPS/TLS connections on the fly with Wireshark

Scripts for the Ghidra software reverse engineering suite.

Archive of Metasploit CTF challenges.

Hackish way to intercept and modify non-HTTP protocols through Burp & others.

A True Instrumentable Binary Emulation Framework

Wifi to 3x Serial bridge based on a ESP32