Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions

AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Self-hosted, lightweight server and website monitoring and O&M tool

A legitimate open-source monitoring tool (post-exploitation RAT). Compatible with mainstream systems, including Linux, Windows, macOS, OpenWRT, and Synology. The agent provides SYSTEM/root level access, file management, and an interactive web terminal. VirusTotal shows 0/72 detections because it isn’t malware, it’s legitimate software pointed at attacker infrastructure.
Installation is silent. Detection only occurs when attackers execute commands through the agent.

SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack techniques into a single, easy-to-use tool with both interactive and command-line interfaces.

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

CVE-2025-38001: Linux HFSC Eltree Use-After-Free - Debian 12 PoC
syst3mfailure.io/rbtree-family-drama

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

Backdoor code found in Trust Wallet browser extension, causing theft of tens of millions of dollars in assets
A new backdoor code was added to version 2.68 of the Trust Wallet cryptocurrency wallet's browser extension, which sends users' mnemonic phrases to attacker servers. Due to the automatic update mechanism, the impact was widespread. On Christmas Day, December 25th, attackers began transferring funds, and according to current estimates, more than tens of millions of dollars in assets have been stolen. The latest version 2.69 has now removed the backdoor code.

This workbook walks you through the exact processes Iʼve found most useful for figuring out what to measure in a security program and why it matters. Itʼs built to cut through the noise and give you a clear, repeatable approach. I know your time is valuable. Thatʼs why this workbook is practical, not theoretical. The goal is to help you define metrics that drive real decisions and show a return on the effort you put in

This dissertation to explore the darker side of the protocol, how its privacy features can be exploited by attackers for data exfiltration, and what security challenges this poses for defenders

Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.
tangled.gitbook.io/tangled-docs/

A01:2025 - Broken Access Control
A02:2025 - Security Misconfiguration
A03:2025 - Software Supply Chain Failures
A04:2025 - Cryptographic Failures
A05:2025 - Injection
A06:2025 - Insecure Design
A07:2025 - Authentication Failures
A08:2025 - Software or Data Integrity Failures
A09:2025 - Security Logging & Alerting Failures
A10:2025 - Mishandling of Exceptional Conditions

This is a completely standalone sleep implementation for x86_64 Linux that depends only on the Linux kernel.

Smugglex is a security testing tool that detects HTTP Request Smuggling vulnerabilities in web applications. It tests for CL.TE, TE.CL, TE.TE, H2C, and H2 smuggling attacks.