Identifies the bytes that Microsoft Defender flags on.

Firmware Analysis Tool

XGecu Xgpro wine docker image

Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.

Web testing and bug-bounty framework

Some usefull Scripts and Executables for Pentest & Forensics

OSCP Cheat Sheet

Automation for internal Windows Penetrationtest / AD-Security

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

802.11 Attack Tool

ScareCrow - Payload creation framework designed around EDR bypass.

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

PowerShell Script Obfuscator

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Create randomly insecure VMs

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

Hunt for security weaknesses in Kubernetes clusters

A low cost, jack-of-all-trades hacking tool, taking inspiration from FlipperZero and P4wnP1, using the RPIZero

PowerShell rebuilt in C# for Red Teaming purposes

Lifetime AMSI bypass

Hide your Powershell script in plain sight. Bypass all Powershell security features

Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and scripts have been written and published, but they can be cha…

My experiments in weaponizing Nim (https://nim-lang.org/)

A list of tmux plugins.