An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Open-source AI hackers to find and fix your app’s vulnerabilities.

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potential vulnerabilities. Bjorn can perform brute force attacks, file stealing, host zombification, and supports custom attack scripts.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Red Teaming Tactics and Techniques

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

OSWE, OSEP, OSED, OSEE

OSCP Cheat Sheet

A high performance offensive security tool for reconnaissance and vulnerability scanning

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

A curated list of awesome OSCP resources

Automated NoSQL database enumeration and web application exploitation tool.

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise identity + infrastructure attack matrices.

Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials across 30+ protocols.