Chromium Cookie import / export tool

Dump cookies and credentials directly from Chrome/Edge process memory

The TerminalQuest game client

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident resp…

Enumerate running processes using com.apple.CodeSigningHelper

transform your payload into ipv4/ipv6/mac arrays

A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.

Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.

nysm is a stealth post-exploitation container.

CVE-2023-26818 Exploit MacOS TCC Bypass W/ Telegram

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

Spartacus DLL/COM Hijacking Toolkit

Purple Team Exercise Framework

Mac OS X Keychain Forensic Tool

Borrow cookies from your browser's authenticated session for use in Python scripts.

This project aims to compare and evaluate the telemetry of various EDR products.

Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been seen before, and redirects them to a benign payload.

Generate macOS installers for your applications and products from one command

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…

Notion as a platform for offensive operations

Shows how to write a NSDockTilePlugin, so your DockTile can update while the app isn't running

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Apply a divide and conquer approach to bypass EDRs

Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.

A public collection of POCs & Exploits for the vulnerabilities I discovered

If you have any questions, please open an issue.

A no-frills keylogger for macOS.

A python script for managing AWS roles