Stars
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining …
365-Stealer is a phishing simulation tool written in python3. It can be used to execute Illicit Consent Grant Attack.
Adversary simulation and Red teaming platform with AI
PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways
Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities
Dump cookies and credentials directly from Chrome/Edge process memory
BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you to control all your devices anywhere. Spark is a remote control and monitoring tool written in Go, with a web UI, cross-platform and multi-functional; you can at any time…
Collection of Notes and CheatSheets used for Red teaming Certs
ChromeStealer is a tool for educational purposes to demonstrate how to extract and decrypt stored passwords from Google Chrome on a Windows system using C/C++.
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time to uncover su…
A script to generate AV evaded (static) DLL shellcode loader with AES encryption.
CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases…
This repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attac…
Demonized Shell is an Advanced Tool for persistence in Linux.
POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
This repo is about Active Directory Advanced Threat Hunting
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
A curated list of tools for incident response