Offensive Security

A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.

Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.

Sysreptor offers a customizable reporting solution for offensive security assessments.

A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.

DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.

A technique for social engineering and untrusted command execution using ClickOnce technology

A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.

AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.

Detect users' operating systems and perform redirection with Apache mod_rewrite.

BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.

AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.

FingerprintX is a standalone utility for service discovery on open ports.

A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.

Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.

Code injection library for OS X with cross-architecture support.

A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

SharpPrinter enables efficient discovery of network printers for security and management purposes.

A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.

InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.

A tool to leak git repositories from misconfigured websites

Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.