Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Cortex XDR Config Extractor

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations

UPX - the Ultimate Packer for eXecutables

An open-source, free protector for .NET applications

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Coba…

A little tool to play with Windows security

Egress-Assess is a tool used to test egress data detection capabilities

Some notes and examples for cobalt strike's functionality

Collection of remote authentication triggers in C#

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

A recursive internet scanner for hackers.

PEN-300 collection to help you on your exam.

Exploitation Framework for Embedded Devices

macOS system monitor in your menu bar

Window management made elegant.

The Leading Security Assessment Framework for Android.

SMBScan is a tool to enumerate file shares on an internal network.

Smart Install Exploitation Tool

The Network Execution Tool

BloodyAD is an Active Directory Privilege Escalation Framework

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

This repo covers some code execution and AV Evasion methods for Macros in Office documents

game of active directory