A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode

A (partial) Python rewriting of PowerSploit's PowerView

Automating situational awareness for cloud penetration tests.

Check your WAF before an attacker does

AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

Dumping DPAPI credz remotely

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Timeroasting scripts by Tom Tervoort

ChatGPT DAN, Jailbreaks prompt

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

the LLM vulnerability scanner

The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

List of tools and commands that may be helpful in CTFs

Python version of the C# tool for "Shadow Credentials" attacks

check outgoing ports with http://portquiz.net *deprecated*

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

Privilege Escalation Enumeration Script for Windows

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Avalonia-based .NET Decompiler (port of ILSpy)

Recover the default privilege set of a LOCAL/NETWORK SERVICE account

Never ever ever use pixelation as a redaction technique

Easy logging and screen capturing for Tmux.

Pentest Report Generator

A list of public penetration test reports published by several consulting firms and academic security groups.

Domain Password Audit Tool for Pentesters

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.