Full-color SVG icons of homelab-related software, products, and brands

Public open-source code of malware Stuxnet (aka MyRTUs).

Docker toolbox for pentest of web based application.

DNS-Based Command and Control (C2) with NodeJS :)

A new kind of terminal

Drill is an HTTP load testing application written in Rust

Reverse proxies cheatsheet

A pentesting tool that dumps the source code from .git even when the directory traversal is disabled

.NET Project for Attacking vCenter

Windows Privilege Escalation from User to Domain Admin.

Red Teaming & Pentesting checklists for various engagements

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

C# Executable with embedded Python that can be used reflectively to run python code on systems without Python installed

Tool for interacting with outlook interop during red team engagements

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

Defences against Cobalt Strike

Collection of Beacon Object Files

Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…

Unicode encoding attacks with machine learning

BloodHound Cypher Queries Ported to a Jupyter Notebook

This Bufferflow Guide includes instructions and the scripts necessary for Buffer Overflow Exploitation. This guide is a supplement for TheCyberMentor's walkthrough. Please watch his walkthrough if …

.NET 4.0 Console App to browse VMDK / VHD images and extract files

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Common Web Managers Fuzz Wordlists

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

A collaborative, multi-platform, red teaming framework

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Provision a brand-new company with proper defaults in Windows, Offic365, and Azure

SharpUp is a C# port of various PowerUp functionality.