Xploitra is a powerful reverse shell payload generator for educational and security testing. It offers customizable payloads with advanced obfuscation and session management, making it ideal for simulating real-world attack scenarios and assessing system security.

Detect leaks in security event logs.

Turn your USB device into a security key

Malware sandbox for automated PE/ELF analysis with EDR integration and behavioral monitoring. Open-source alternative to CAPE sandbox.

RedTeam-MCP: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架，支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具，让 LLM 直接化身安全审计黑客。

AI Process Report is a powerful tool that analyzes running processes on Windows and Linux systems using advanced AI models. It provides detailed insights and threat assessments for each process

Vulnerability scan & fix for your Windows

LockLess is a comprehensive biometric authentication system using Python, OpenCV, and deep learning models. It offers offline face enrollment, real-time verification, AES-256 encryption, and multi-modal liveness detection across Windows, Linux, and Android platforms. Built for privacy with local processing and enterprise security standards.

Windows RDP brute-force detection, auto firewall blocking, attack forensics and cloud/IDC IP attribution tool

Zerologon (CVE-2020-1472) Proof-of-Concept application - Critical Active Directory vulnerability exploitation tool.

🛡️ Unified Security & Threat Intelligence Suite - Multi-source threat analysis, real-time monitoring, and forensic tools in one professional cybersecurity platform.

Python security log analyzer for SOC analysts

ExamGurad is a portable Windows cyber-forensic tool that collects USB device history, event logs, and system activity evidence for academic integrity investigations.

Python-based security tool that scans running processes on Windows, computes SHA-256 hashes, and checks them against the VirusTotal database

SigmaEye is a Windows process monitoring toolkit that integrates ETW and user-level monitoring with Sigma rules. It detects suspicious process behavior, LOLBins usage, and potential threats in real-time. Features include dual monitoring, DLL injection tracking, and customizable detection rules. Requires admin privileges for ETW monitoring.

🛡️ Hands-on Sysmon Blue Team lab: Detecting suspicious activities and analyzing artifacts on Windows systems.

CVE-2025-8088 — Educational proof-of-concept for WinRAR path traversal vulnerability via NTFS Alternate Data Streams (ADS), CVSS 8.4 HIGH, exploited by RomCom APT (Storm-0978), with configurable traversal depth, auto-discovery of rar.exe, and interactive terminal interface

VaultSweep is a Python-based tool designed to scan Windows systems for common vulnerabilities and misconfigurations. It can help users identify security risks and provide actionable remediation steps.

Open-source Windows credential audit tool — extracts NTLM hashes from SAM/SYSTEM hives, cracks passwords using Hashcat, and tests password strength. Generates TXT, JSON, and HTML reports.

A powerful, modular tool for ethical hacking and red team simulations. Features advanced keylogging (for lab use), stealth PowerShell payloads, reverse shell execution, and Nmap-based network recon — all packaged for real-world adversarial emulation. Use responsibly.