BouncyGate. Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
186Godmode. Tool for playing with Windows Access Token manipulation.
84SharpStartWebclient. Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
79CredGuess. Generate password spraying lists based on the pwdLastSet-attribute of users.
55NimNightmare. CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
18OffensiveHolyC. Red-Teaming TempleOS.
18RDPassSpray. Python3 tool to perform password spraying using RDP
17deepsea. Deepsearch leak database client, as an alternative for pwndb
16UwuRatel. Pink BRC4 skin/theme.
15Talks. Repository for slide decks of public talks I've given.
14Kernel-Adventures. Misc Windows Driver/Kernel PoCs that do not need a separate repo.
12JailWhale. Docker container escape enumeration tool.
12urlExtract. Recursively extract urls from a web page for reconnaissance.
12ghidra-WDF-gdt. Ghidra .gdt files for parts of the Kernel Mode Driver Framework (KMDF) part of WDF.
10Web-Windows-Login-Phishing. Web based fake Windows Login Screen Phishing.
9nim-monero-rpc. Nim library for interacting with Monero wallets & nodes via RPC.
8scim. WIP raw socket packet manipulation library
6lunarfuzz. WIP: Directory fuzzer for single page apps that require a browser to render content, with an interface similar to ffuf
6YA-PSX-EMU. Playstation (PSX) Emulator (WIP).
6OpenGL-Voxel-Engine. Voxel Game-Engine using OpenGL, created as a project to practice C++ and graphics programming.
6Black-Metal-Lyric-Database. Database of Black Metal lyrics and additional metadata in .JSON-format for computer assisted text analysis projects.
6monero. Monero: the secure, private, untraceable cryptocurrency
4PyCheeseOunce. Another coercion method, using MS-EVEN ElfrOpenBELW.
4QuickShell. Generates quick one liner reverse shell payloads for lazy people.
4elden_vt. JavaScript
3toolbox-pentest-web. Docker toolbox for pentest of web based application.
3Bitmancer. Nim Library for Offensive Security Development
2CheeseOunce. Coerce Windows machines auth via MS-EVEN
2SharpTokenFinder. C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
2CrystalCastle. Your automated network enumeration watchtower.
2HyperDash. Auto-Dash-Bot for Hyper Light Drifter.
1nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
1PrivescCheck. Privilege Escalation Enumeration Script for Windows
1KrbRelay. Framework for Kerberos relaying
1aadint. PowerShell
1Post-Exploitation. Post-exploitation modules I wrote for educational purposes.
1PSX-DEV. PSX homebrew development stuff.
1kerbrute. A tool to perform Kerberos pre-auth bruteforcing
1powershell-intune-samples. This repository of PowerShell sample scripts show how to access Intune service resources. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell.
1myaut_contrib. mod to myaut2exe decompiler
1