CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Kernel mode WinDbg extension and PoCs for token privilege investigation.

Extract credentials from lsass remotely

Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

A collection of several hundred online tools for OSINT

The Browser Exploitation Framework Project

Connect like there is no firewall. Securely.

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

Quickly find differences and similarities in disassembled code

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Find, verify, and analyze leaked credentials

Various tips & tricks

Xray panel supporting multi-protocol multi-user expire day & traffic & ip limit (Vmess & Vless & Trojan & ShadowSocks & Wireguard)

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

A browser automation framework and ecosystem.

GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)

Web-extension for bypassing censorship in Russia

MBC content in markdown

A machine learning tool that ranks strings based on their relevance for malware analysis.

Converts a DLL into EXE

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Recovers passwords from pixelized screenshots

1C Exploit Kit

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.