SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be r…

A web shell for pivoting and lateral movement

CSHARP DCOM Fun

C# port of WMImplant which uses either CIM or WMI to query remote systems

SharpWMI is a C# implementation of various WMI functionality.

Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…

Bloodhound Attack Path Automation in CobaltStrike

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Malicious Macro Generator

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

a console-based tool to connect to MSSQL server for red teamer and pentesters

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

GodOfWar - Malicious Java WAR builder with built-in payloads

Random proxy middleware for Scrapy

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

Check Domain Fronting (chkdfront) - It checks if your domain fronting is working

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Search for categorized domain

Unofficial APIs for Webull.

Backtest 1000s of minute-by-minute trading algorithms for training AI with automated pricing data from: IEX, Tradier and FinViz. Datasets and trading performance automatically published to S3 for b…

This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.

Windows file system filter driver - illustration of the technology

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

Scripts that are useful for me on pen tests

C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.

Some useful scripts for CobaltStrike