In an Azure AD environment, it's possible to determine whether a user has Multi-Factor Authentication (MFA) disabled without requiring any s…
Bash post exploitation toolkit
BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catalog …
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
ipsets dynamically updated with firehol's update-ipsets.sh script
bof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready t…
THANKS YOU FOR CODE | credit NixWasHere/NixC2
↕️🤫 Stealth redirector for your red team operation security
An open-source post-exploitation framework for students, researchers and developers.
Useful C2 techniques and cheat sheets learned from engagements
This is the C2 compiler written in C2 itself.
TeamServer and Client of Exploration Command and Control Framework
📦 Make security testing of K8s, Docker, and Containerd easier.
Certified Red Team Professional (CRTP) - Notes
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The …
Collection of knowledge about information security
Fast TCP/UDP tunnel transported over HTTP and secured via SSH. Used for port forwarding and pivoting through restrictive firewalls. Single b…
Backdooring Claude Code via hooks in settings.json. Authorized use only!
Cobalt Strike module x loader x profile x wike / A public collection of open resources for Cobalt Strike (only legal use in Red Team and pen…
坤坤CS 基于CobaltStrike cat 4.5二开项目 添加反沙箱、反测绘。集成常用后渗透插件,开箱即用
Autonomous Assumed Breach Penetration-Testing Active Directory Networks
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
…
A command and control (C2) server