Windows Kernel Mode Rootkit

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.

C# AV/EDR Killer using less-known driver (BYOVD)

A rewrite of YARA in Rust.

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

An ADCS honeypot to catch attackers in your internal network.

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

DLL proxying for lazy people

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

A tool to keep AWS pentests and red teams efficient, organized, and stealthy.

UEFI Windows Bootkit

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Listado actualizado de Conferencias y Eventos sobre Ciberseguridad en España

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

HackerOne "in scope" domains

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Kraken: A multi-platform distributed brute-force password cracking system

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader