There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlationShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contentsProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDXdecode-spam-headers
A script that helps you understand why your E-Mail ended up in SpamStracciatella
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startupElusiveMice
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mindtomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.UnhookMe
UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malwareSharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionalityAzureRT
AzureRT - A Powershell module implementing various Azure Red Team tacticsexpdevBadChars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.msidump
MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.RobustPentestMacro
This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.Exploit-Development-Tools
A bunch of my exploit development helper tools, collected in one place.VisualBasicObfuscator
Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.msi-shenanigans
Proof of Concept code and samples presenting emerging threat of MSI installer files.PE-library
Lightweight Portable Executable parsing library and a demo peParser application.HEVD_Kernel_Exploit
Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.procmon-filters
SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral analysis of testing specimens. Inspired and based on Lenny Zeltser's collection.PhishingPost
PHP Script intdended to be used during Phishing campaigns as a credentials collector linked to backdoored HTML <form> action parameterburpContextAwareFuzzer
BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.CustomXMLPart
A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.dirbuster
wfuzz, SecLists and john -based dirbusting / forceful browsing script intended to be used during web pentest assingmentsntfs-journal-viewer
Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.digitalocean-app-redirector
Reverse-HTTP Redirector via DigitalOcean Apps PlatformLISET
Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident response (either forensic or malware oriented).prc_xchk
User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.PEInfo
Another Portable Executable files analysing stuffmgeeky
stegano1
College project implementing some of the compression and image steganographic algorithms.DISASM
Simple disassembling library (currently only x86)linux-utils
Some linux utils I've coded and decided to share.Symulacja-Reaktora-Jadrowego
(Polish only) Program przygotowywany na uczelnie w ramach kursu "Symulacje Komputerowe". Przedstawia hipotetyczna prace reaktora jadrowego w roznych stanach i konfiguracjach.Love Open Source and this site? Check out how you can help us