Injectra is a Python-based tool for injecting custom payloads into various file types using their magic numbers. It supports file types like zip, rar, docx, jpg, and more, allowing for customizable…

Framework for Kerberos relaying

Automated Adversary Emulation Platform

Open source C2 server created for stealth red team operations

Shikata ga nai (仕方がない) encoder ported into go with several improvements

This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…

TartarusGate, Bypassing EDRs

Writing custom backdoor payloads with C# - Defcon 27 Workshop

Analyse your malware to surgically obfuscate it

Stealthily inject shellcode into an executable

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …

Automation for internal Windows Penetrationtest / AD-Security

Dynamic Instrumentation Tool Platform

real time face swap and one-click video deepfake with only a single image

💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby

In-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Flexible Orange Box (Type II Caller ID Generator)

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educati…

GetSyscallStubCGo.

An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehash…

indirect syscalls for AV/EDR evasion in Go assembly

Ghidra is a software reverse engineering (SRE) framework

Unhook Ntdll.dll, Go & C++.

Six Degrees of Domain Admin

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

Load a dynamic library from memory by modifying the native Windows loader