Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

secator - the pentester's swiss knife

BOF for Kerberos abuse (an implementation of some important features of the Rubeus).

Collection of C# projects. Useful for pentesting and redteaming.

A command and control framework written in rust.

Wireless keystroke injection attack platform

BSPWM environment with 18 themes. With a theme selector to change on the fly.

Dynamic and elegant desktop setup inspired by Material You, featuring auto-generated colors, fluid animations, and ripple effects for a cohesive, customizable user experience.

Protected Process Dumper Tool

Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests and assumed breach exercises (red teaming)

Simple netexec wraper with html repport

Assist reverse tcp shells in post-exploration tasks

From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller

JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.

JustGetDA, a cheat sheet which will aid you through internal network & red team engagements.

This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.

A modern 64-bit position independent implant template

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)

Shellcode obfuscation tool to avoid AV/EDR.

Open-Source Shellcode & PE Packer

Powerful framework for rogue access point attack.

ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).

AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,

A RedTeam Toolkit

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Education purpose showing how the combination of useful tool could tweak a patched script can still be execute without detected. In this scenario I am using various step and tool including the a bi…

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing