Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.

This repository contains scripts in python from discovering bluetooth to taking over the bluetooth connections.

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

CPP AV/EDR Killer

mx-takeover focuses DNS MX records and detects misconfigured MX records.

🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)

Finding potential software vulnerabilities from git commit messages

ebpfkit is a rootkit powered by eBPF

Sub-Domain TakeOver Vulnerability Scanner (edoardottt fork)

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

This is a functional proof of concept (PoC) for CVE-2024-38063. However, it's important to note that this CVE is theoretical and not exploitable in a real-world scenario. To enhance understanding f…

PEN-300 collection to help you on your exam.

Arsenal is just a quick inventory and launcher for hacking programs

A marriage between Octoberfest7/OSEP-Tools and chvancooten/OSEP-Code-Snippets with some improvements/additions

Embed tweets in your React application.

List of regex for scraping secret API keys and juicy information.

list of regex patterns for oauth / api tokens with provided source

Hunt for sensitive data exposure on GitHub.

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A tool for checking if MFA is enabled on multiple Microsoft Services

Scan GitHub for available OpenAI API Keys

A tool to abuse Exchange services