maldev-for-dummies. A workshop about Malware Development
1.8kOSEP-Code-Snippets. A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
1.5kfollina.py. POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
1.1kNimPlant. A light-weight first-stage C2 implant written in Nim (and Rust).
950BugBountyScanner. A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
919NimPackt-v1. Nim-based assembly packer and shellcode loader for opsec & profit
488CloudLabsAD. Terraform + Ansible deployment scripts for an Active Directory lab environment.
281OSCP-MarkdownReportingTemplates. Markdown reporting templates and Pandoc styling references to generate sleek reports for OSCP/PWK with little effort.
206conferences. A collection of presentations and other contributions I have made to conferences.
37code-needle. A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint.
29nimbuild. A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)
16homeassistant-googletokenretriever. A script for automatically retrieving Google Home API keys into Home Assistant
13BadBlood. BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
9homeassistant-idasen-control. A Flask webhook-like wrapper to integrate IDÅSEN desk control into Home Assistant. Based on Python component by Rhyst.
9chvancooten.github.io. https://casvancooten.com
6goffloader. A Go implementation of Cobalt Strike style BOF/COFF loaders.
6FindFrontableDomains. Search for potential frontable domains
4coffee. A COFF loader made in Rust
3azure-devops-to-linear. Migrate Azure DevOps work items, comments, and hierarchies to Linear - TypeScript CLI, resumable, dry-run safe
2homeassistant. Home Assistant smart home configuration
1bloodhound-import. Python based BloodHound data importer
1go-clr. A PoC package for hosting the CLR and executing .NET from Go
1BloodHound.py. A Python based ingestor for BloodHound
1