Port of OpenAI's Whisper model in C/C++

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

Fetches javascript file from a list of URLS or subdomains.

Vulnerable app with examples showing how to not use secrets

Store SSH keys in the Secure Enclave

A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Tec…

Asynchronous RDP/VNC client for Python (GUI)

😇 A Docker Compose bundle to run on servers with spare CPU, RAM, disk, and bandwidth to help the world. Includes Tor, ArchiveWarrior, BOINC, and more...

a file-sharing tool that allows you to find the responsible person in case of a leakage

A fast CSV command line toolkit written in Rust.

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

💻 🔒 🔑 Secure Boot key manager

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Tweaks to make Windows 10 less annoying and more usable

Automate the creation of a lab environment complete with security tooling and logging best practices

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

My experiments in weaponizing Nim (https://nim-lang.org/)

Very fast DNS-over-HTTPS to DNS proxy with emphasis on privacy (no logging)

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

Secure multithreaded packet sniffer

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Semi-automatic OSINT framework and package manager

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

JavaScript for Automation (JXA) tool to do Active Directory enumeration.

A collaborative, multi-platform, red teaming framework

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.

Web path scanner

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

A command line tool that recreates the famous data decryption effect seen in the 1992 movie Sneakers.