A lightweight client for managing MariaDB, MySQL, SQL Server, PostgreSQL, SQLite, Interbase and Firebird, written in Delphi

Windows Security Descriptor Definition Language (SDDL) parser and formatter

PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.

UNIX-like reverse engineering framework and command-line toolset

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Authentication, authorization, traceability and auditability for SSH accesses.

Detect WFP filters blocking EDR communications

This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…

The Hunt for Malicious Strings

↕️🤫 Stealth redirector for your red team operation security

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Identifies the bytes that Microsoft Defender flags on.

Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.

Revolt Desktop App

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Kernel mode WinDbg extension and PoCs for token privilege investigation.

Extract credentials from lsass remotely

Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

A collection of several hundred online tools for OSINT

The Browser Exploitation Framework Project

Connect like there is no firewall. Securely.

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...