ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP.…

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper us…

SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also contains its own custom disassembler, with many innovative featur…

Ghidra Server Docker Image

Fast web fuzzer written in Go

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

Providentia is a tool to manage cyber-exercise technical knowledge

An x64 shellcode generator made as part of OSEE/EXP-401 prep

A self-hosted Fuzzing-As-A-Service platform

Black Hat 2023 Exploiting K8S

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWas…

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

a Damn Vulnerable Serverless Application

A little tool to play with Windows security

Egress-Assess is a tool used to test egress data detection capabilities

Trying to tame the three-headed dog.

Collection of C# projects. Useful for pentesting and redteaming.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Enumerate Domain Data

Active Directory certificate abuse.

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

A collection of pwn/CTF related utilities for Ghidra

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

Python3 scripts that executes an elf (Linux executable format) completely in memory.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.