linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks. The script leverages and…
OWASP Coraza Web Application Firewall, OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity's seclang language…
Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator…
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means…
EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Kernel callbacks and ETW TI provider) and LSASS protections. Multiple…
365Inspect requires the administrative PowerShell modules for Microsoft Online, Azure AD (We recommend installing the AzureADPreview module), Exchange administration, Microsoft Graph,…
Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and…
modifyCertTemplate tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can…
Melody is a transparent internet sensor built for threat intelligence and supported by a detection rule framework which allows you…
Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint…