Stars
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
A BloodHound collector for Microsoft Configuration Manager
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…
Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Killer is a simple tool designed to bypass AV/EDR security tools using various evasive techniques.
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
A set of programs for analyzing common vulnerabilities in COM
lsassdump via RtlCreateProcessReflection and NanoDump
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callb…
Zero shot vulnerability discovery using LLMs
LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
Build a beautiful Home Assistant dashboard easily
AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
Decrypt GlobalProtect configuration and cookie files.
A PoC implementation for spoofing arbitrary call stacks when making syscalls (e.g. grabbing a handle via NtOpenProcess)
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.