Stars
Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
A reconnaissance tool for capturing and displaying SSIDs from a device's Preferred Network List.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.
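A mobile (Android, iOS, WEB, H5, static website) information-gathering and scanning tool suited to HW operation, red team, and penetration testing team scenarios. It helps penetration testers, attack team members, and red team members quickly collect key asset information from mobile apps or static web sites, and provides basic information output such as Title, Domain, CDN, fingerprint information, and status information.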
A Slack bot phishing framework for Red Teaming exercises
KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kitten an…
SSHD-based implant supporting tunneling mechanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a ran…
This is a proof-of-concept of malicious software running inside of ModSecurity WAF.
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
POC for a DLL spoofer to determine DLL Hijacking
A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data
C# obfuscator that bypasses Windows Defender
REC2 (Rusty External Command and Control) is a client and server tool, written in Rust, allowing an auditor to execute commands from VirusTotal and Mastodon APIs. 🦀
RDE1 (Rusty Data Exfiltrator) is a client and server tool, written in Rust, allowing an auditor to extract files from DNS and HTTPS protocols. 🦀
Anonymous Chat Room Powered By Livekit And Next.js