Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.

Ready to go Phishing Platform

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

Zero Infrastructure Password Cracking

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Easily and securely send things from one computer to another 🐊 📦

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

File formats dissections and more...

Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)

Fluxion is a remake of linset by vk496 with enhanced functionality.

An ADCS honeypot to catch attackers in your internal network.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…

Polymorphic Command & Control

Multiplatform Python WebShell

The Shadow Attack Framework

Red team Interview Questions

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Dex to Java decompiler

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Never ever ever use pixelation as a redaction technique

Unorthodox and stealthy way to inject a DLL into the explorer using icons

The essential toolkit for reversing, malware analysis, and cracking

Simulate the behavior of AV/EDR for malware development training.

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.