Format long strings to VBA code

Open-source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, along with advanced troubleshooting.

Custom built Syntax Highlight tool for Word Documents

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…

Cmd.exe Command Obfuscation Generator & Detection Test Harness

Windows inside a Docker container.

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Unorthodox and stealthy way to inject a DLL into the explorer using icons

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

Shikata ga nai (仕方がない) encoder ported into go with several improvements

Collection of Beacon Object Files (BOF) for Cobalt Strike

Query Active Directory Objects, GPOs, OUs, Groups

A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities

Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares

PowerShell script to generate ShellCode in various formats

Enumerate for and list Certificate Templates

Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"

CLI monitor for windows process- & file activity

Explorer++ is a lightweight and fast file manager for Windows

Parses Snaffler output file and generate beautified outputs.

Adaptive DLL hijacking / dynamic export forwarding - EAT preserve

HashKitty is a user-friendly cross-platform Python wrapper for Hashcat designed to provide an easy password cracking experience for both beginners and experienced users. It additonally can produce …

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.

Map account sessions for domain Endpoints or specific hosts, both SMB sessions (which accounts are connected via shares) and interactive (RDP, local, RunAs), with No admin permissions needed

Make everyone in your VLAN ASRep roastable

Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.