A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Flask extension for generating XML sitemaps

A tool to create a JScript file which loads a .NET v2 assembly from memory.

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

flexible, structured event replication format for DNS servers (command-line tool and Golang package)

A cross-platform unified Virtual Machine Introspection API library

Rekall Memory Forensic Framework

The official home of the LibVMI project is at https://github.com/libvmi/libvmi.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

A format-preserving encryption implementation in Go

Transmits AM radio on computers without radio transmitting hardware.

A StackStorm pack for working with network devices using the NAPALM library.

An extensible YANG validator and converter in python

Junos Yang module

Build a database of libc offsets to simplify exploitation

🕳 godoh - A DNS-over-HTTPS C2

Nginx configuration static analyzer

HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a …

Best Practice Auditd Configuration

Tricks for penetration testing

User enumeration scripts for penetration testers

Notes on the linux kernel VM subsystem.

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

Dynamic IDA Enrichment

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Cuckoo Sandbox is an automated dynamic malware analysis system