Compiled tools for internal assessments for pentesters and red teamers.
A repository of essential techniques for bypassing anti-virus and EDR systems.
The best and simplest free open source web page change detection, website watcher, restock monitor, and notification service.
peeko is a browser-based XSS C2 tool for stealthy internal network exploration via infected browsers.
A framework for cyber defenders to perform adversary infrastructure pivots and reveal additional adversary infrastructure.
ShadowPhish is an advanced APT awareness toolkit for simulating phishing and malware attacks for cybersecurity training.
A tool for automatically scraping security vulnerability articles from WeChat Official Accounts and converting them to Markdown format.
Decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface bypassing path validation and encryption protections.
Demonstrates the CVE-2025-24016 RCE vulnerability in the Wazuh server.
A security advisory on Fermax Intercom DTML Injection vulnerability that allows unauthorized access through DTMF tones.
A collection of prompt injection mitigation techniques.
Project Mantis is a tool designed to counter LLM-driven cyberattacks using prompt injection techniques.
