A series of Jupyter notebooks that walk you through the fundamentals of Machine Learning and Deep Learning in Python using Scikit-Learn, Keras and TensorFlow 2.

An Attack Graphs Extension for Draw.io

Hardcore Debugging

Python Command-Line Ghidra Binary Diffing Engine

Fix Inventory consolidates user, resource, and configuration data from your cloud environments into a unified, graph-based asset inventory.

This module will create a Microsoft 365 Test Environment

The world's simplest facial recognition api for Python and the command line

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

An App Domain Manager Injection DLL PoC on steroids

Embedded no-code VM executing human-like language to manipulate data and process cryptographic operations.

Automated Browser Interaction

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

Azure DevOps Services Attack Toolkit

Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound

A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri

The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.

Azure mindmap for penetration tests

A consolidated cloud IAM dataset

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

Decrypt Veeam database passwords

Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.

Re-play Security Events

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments

Small tool to automate SSRF wordpress and XMLRPC finder

A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

A go-exploit to scan for implanted Cisco IOS XE Systems

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom Java…