DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…

A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses!

One proxy to rule them all

An incredibly fast proxy checker & IP rotator with ease.

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

A set of prioritized Hashcat .hcmask files intelligently developed from terabytes of password breach datasets and organized by run time.

Hide your P/Invoke signatures through other people's signed assemblies

basic google recaptcha solver using llava-v1.6-7b

Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies

A purely bash web server, no socat, netcat, etc...

Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file for…

The FLARE team's open-source tool to identify capabilities in executable files.

CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.

Different methods to get current username without using whoami

CPP AV/EDR Killer

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.

Malware As A Service

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileg…

A static analyzer for PE executables.

Hide your payload in DNS

Convert shellcode generated using pe_2_shellcode to cdb format.

Creation and removal of Defender path exclusions and exceptions in C#.

A simple zero-config tool to make locally trusted development certificates with any names you'd like.