Best and simplest tool for website change detection, web page monitoring, and website change alerts. Perfect for tracking content changes, price drops, restock alerts, and website defacement monito…

A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS

Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solu…

Dumb service manager with a simple web UI and stdout tracing.

Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-based detections in red team environments.

Linux Kernel Rookit Hooking Mechanism

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.

A simple, self-hosted app for your checklists and notes.

📖 Runbooks that run

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

Windows protocol library, including SMB and RPC implementations, among others.

Use Cloudflare to create HTTP pass-through proxies for unique IP rotation, similar to fireprox

A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread

POC for Veeam Backup and Replication CVE-2023-27532

custom impacket mssqlclient

Proxy server to bypass Cloudflare protection

Permanently disable EDRs as local admin

Tools for analyzing EDR agents

A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass

Automated Firebase security scanner to check for unauthorized read and write access on firestore, realtime databases, storage buckets and remote configs