An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard history.

Force Remove Copilot, Recall and More in Windows 11

Fast Windows post-exploitation wins after initial access.

Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.

A TUI for Active Directory collection.

EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.

Opengraph-Compatible JSON Generator for BloodHound

Binary Ninja YARA-X Plugin

A curated collection of tools, techniques, frameworks, and learning resources focused on Attack Surface Management (ASM).

🤖 The Modern Port Scanner 🤖

A security auditor for Tailscale configurations. Scans your tailnet for misconfigurations, overly permissive access controls, and security best practice violations.

Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace.

AppLocker-Based EDR Neutralization

NeuroSploitv2 is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large langua…

An Ansible Role that installs Ghostwriter on a Linux-based host using ghostwriter-cli and Docker Compose.

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

Unofficial DedSec Project GitHub Repository

A tool for creating credentials for accessing S3 buckets

Easy to deploy SCOM setup that makes use of Terraform and Ansible.

Third iteration of Lamperl, a Linux agent for the Adaptix C2 being developed for a blog post.

Windows Session Hijacking via COM

This C# tool sprays for admin access over the entire domain

A C# utility for interacting with SCOM

Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption

Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.

ADAttributeHound is an OpenGraph extension for BloodHound that exports Active Directory custom attributes as node properties.

Linux Process Injection via Seccomp Notifier

An Ansible collection that installs a SCOM deployment with optional configurations.