CTFlearn writeups of all the challenges I have solved. It covers all the domains including Cryptography, Forensics, Reversing, Pwning and other Misc problems.

CTF framework and exploit development library

UAC bypass, Elevate, Persistence methods

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

Identifies the bytes that Microsoft Defender flags on.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A little tool to play with Windows security

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Red Teaming & Pentesting checklists for various engagements

Defund the Police.

This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.

Tools & Interesting Things for RedTeam Ops

Win32 Shellcode CheatSheet: Your visual guide for crafting and understanding shellcode. Ideal for malware, and exploit developers

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…

PowerShell for every system!

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

SQL injection via bruteforced MD5 hash reflection of random strings

Open-Source Phishing Toolkit

Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.

Active Directory and Internal Pentest Cheatsheets

Template-based docx report creation

Easily generate and modify .docx files with JS/TS with a nice declarative API. Works for Node and on the Browser.

Web scraper that can create an offline readable version of a website

Data Scientists Go To Jupyter

Find domains and subdomains related to a given domain

Fetch all the URLs that the Wayback Machine knows about for a domain

A repository with 3 tools for pwn'ing websites with .git repositories available