Stars
PoCs for kernel-mode rootkit technique research.
A sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment.
ROP-based sleep obfuscation to evade memory scanners
This repository contains complete resources and coding practices for malware development using Rust 🦀.
Phone: A Mobile Phone Forensic Framework ( Android )
Simulate the behavior of AV/EDR for malware development training.
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
A collection of Cyber Threat Intelligence information gathered from the depths of the clearnet, deep web and dark web.
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
A Series of Baseband & LMP Exploits against Bluetooth Classic Controllers
Taranis AI is an advanced Open-Source Intelligence (OSINT) tool, leveraging Artificial Intelligence to revolutionize information gathering and situational analysis.
Best tool for finding SQLi, CRLF, XSS, LFI and Open Redirect.
Find domains and subdomains related to a given domain
Hak5 BadUSB payloads modded to be played with Flipper Zero.
FBI Watchdog is an OSINT tool that monitors domain seizures and DNS record changes in real time, alerting users to law enforcement takedowns and other DNS modifications.
A list of useful Powershell scripts with 100% AV bypass (At the time of publication).
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
Monitors hidden syscalls called from the Call of Duty anticheat.
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
This tool extracts credit card numbers, NTLM (DCE-RPC, HTTP, SQL, LDAP, etc.), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc. from a pcap file or from a live interface.
Python library with CLI that allows remotely dumping domain user credentials via ADCS without dumping the LSASS process memory.
.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
PingCastle - Get Active Directory Security at 80% in 20% of the time