BOF with Synthetic Stackframe

Performing Indirect Clean Syscalls

Combine and clean word lists

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

This project is aimed at freely providing technical guides on various hacking topics.

Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames

bitpixie Proof of Concept - Bitlocker Decryptor

Bitpixie exploitation PoC

BloodyAD is an Active Directory Privilege Escalation Framework

A self-hosted sandbox for red teams to test payloads against modern detection before deployment. MCP integration lets an LLM agent drive analysis end to end.

SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.

View markdown file tree in a fancy web interface.

A fast TCP/UDP tunnel over HTTP

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

GLPI vulnerabilities checking tool

FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.

game of active directory

Tool for Active Directory Certificate Services enumeration and abuse

Windows inside a Docker container.

A command and control framework written in rust.

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Dumping LSA secrets: a story about task decorrelation

Script collection for reconnaissance, post-exploitation & hunting on Windows networks