High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

Collection of handy online tools for developers, with great UX.

A markup-based typesetting system that is powerful and easy to learn.

This is a multi-use bash script for Linux systems to audit wireless networks.

A fast, simple, recursive content discovery tool written in Rust.

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

Collect Windows telemetry for Maldev

A self-hosted sandbox for red teams to test payloads against modern detection before deployment. MCP integration lets an LLM agent drive analysis end to end.

redirect all TCP/UDP traffic of any program to SOCKS5 proxy

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file for…

Public open-source code of malware Stuxnet (aka MyRTUs).

A terminal UI for tshark, inspired by Wireshark

A complete terminal user interface (TUI) for LDAP.

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

SSH based reverse shell

ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teamin…

A curated list of tools that can be used for creating interactive mathematical explorables.

A suite of tools to disrupt campaigns using the Sliver C2 framework.

Decrypt encrypted Fortienet FortiOS firmware images

Jennifer is a code generator for Go

OSWE, OSEP, OSED, OSEE

Create your own vulnerable by design AWS penetration testing playground

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for m…

ScareCrow - Payload creation framework designed around EDR bypass.

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Fast and customizable subdomain wordlist generator using DSL

Slack enumeration and exposed secrets detection tool

C++ WinRM API sliver extension

A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.

Transparent file encryption in git