There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlationShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contentsProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDXdecode-spam-headers
A script that helps you understand why your E-Mail ended up in SpamStracciatella
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startupElusiveMice
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mindtomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.UnhookMe
UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malwareSharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionalityAzureRT
AzureRT - A Powershell module implementing various Azure Red Team tacticsexpdevBadChars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.msidump
MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.RobustPentestMacro
This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.Exploit-Development-Tools
A bunch of my exploit development helper tools, collected in one place.VisualBasicObfuscator
Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.msi-shenanigans
Proof of Concept code and samples presenting emerging threat of MSI installer files.PE-library
Lightweight Portable Executable parsing library and a demo peParser application.HEVD_Kernel_Exploit
Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.PhishingPost
PHP Script intdended to be used during Phishing campaigns as a credentials collector linked to backdoored HTML <form> action parameterburpContextAwareFuzzer
BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.CustomXMLPart
A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.dirbuster
wfuzz, SecLists and john -based dirbusting / forceful browsing script intended to be used during web pentest assingmentsntfs-journal-viewer
Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.digitalocean-app-redirector
Reverse-HTTP Redirector via DigitalOcean Apps PlatformLISET
Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident response (either forensic or malware oriented).RPISEC-MBE-Solutions
Solutions to the RPISEC MBE / Modern Binary Exploitation VM & course.prc_xchk
User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.PEInfo
Another Portable Executable files analysing stuffmgeeky
stegano1
College project implementing some of the compression and image steganographic algorithms.DISASM
Simple disassembling library (currently only x86)linux-utils
Some linux utils I've coded and decided to share.Symulacja-Reaktora-Jadrowego
(Polish only) Program przygotowywany na uczelnie w ramach kursu "Symulacje Komputerowe". Przedstawia hipotetyczna prace reaktora jadrowego w roznych stanach i konfiguracjach.Love Open Source and this site? Check out how you can help us