Get up and running with Llama 3.3, DeepSeek-R1, Phi-4, Gemma 3, and other large language models.

EDR & Antivirus Bypass to Gain Shell Access

Simple Python version management

A tool matrix for Russian APTs based on the Ransomware Tool Matrix

ShellCheck, a static analysis tool for shell scripts

a simple app for uploading files using node.js and express

Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection

A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.

Shodan Dorks

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Collection of UAC Bypass Techniques Weaponized as BOFs

A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.

GregsBestFriend process injection code created from the White Knight Labs Offensive Development course

The Network Execution Tool

Encrypted shellcode Injection to avoid Kernel triggered memory scans

Send phishing messages and attachments to Microsoft Teams users

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.

Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…

Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and notes on usage.

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Dehashed API CLI

Official electron build of draw.io

Some scripts to abuse kerberos using Powershell

Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer