c4b3rw0lf (@c4b3rw0lf)'s Twitter Profile
c4b3rw0lf

@c4b3rw0lf

Offensive Security - Red Team | Malware Analysis | Digital Forensics | RE

ID: 712320087336869888

https://github.com/c4b3rw0lf

22-03-2016 16:48:37

654 Tweets

66 Followers

197 Following

Gray Hats (@the_yellow_fall)

Golden dMSA - This tool exploits a new attack against delegated Managed Service Accounts called the "Golden DMSA" attack. The technique allows attackers to generate passwords for all associated dMSAs offline. meterpreter.org/golden-dmsa-to…

Gray Hats (@the_yellow_fall)

The flaw allows attackers to gain SYSTEM privileges on Windows Server 2025 via a new NTLM relay attack that bypasses LDAP Channel Binding. PoC available! #WindowsServer #InfoSec #CVE #NTLM #CyberSecurity securityonline.info/poc-exploit-re…

Panos Gkatziroulis 🦄 (@netbiosx)

EvilMist - a collection of scripts and utilities designed to support cloud penetration testing & red teaming. ✅Identify misconfigurations ✅Assess privilege-escalation paths ✅Simulate attack techniques github.com/Logisek/EvilMi…

Panos Gkatziroulis 🦄 (@netbiosx)

OffsetInspect - PowerShell utility to map AV detection offsets in PowerShell scripts to their corresponding line numbers for static analysis and red-team tooling github.com/warpedatom/Off…

Smukx.E (@5mukx)

Understanding Null Pointer Dereference in Windows Kernel Drivers TLDR; this blog post will explore one of the classic yet dangerous bugs null pointer dereference. whiteknightlabs.com/2025/06/24/und…

Md Ismail Šojal 🕷️ (@0x0sojalsec)

Static analysis for Android apps based on the OWASP MASVS framework 🌟 - github.com/Cyber-Buddy/AP… #infosec #cybersec #bugbountytips

Swissky (@pentest_swissky)

Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing. github.com/atomiczsec/Adr…

0xor0ne (@0xor0ne)

Manipulating and obfuscating call stacks by klez Part 1: klezvirus.github.io/posts/Moonwalk… Part 2: klezvirus.github.io/posts/Callback… #infosec

Co11ateral (@co11ateral)

AV-EDR-Killer AV/EDR processes termination by exploiting a vulnerable driver (BYOVD) github.com/xM0kht4r/AV-ED… #dfir #blueteam #redteam #pentesting #windows #byovd

Clandestine (@akaclandestine)

GitHub - xM0kht4r/VEN0m-Ransomware: Fully undetectable and evasive ransomware written in Rust, leveraging a BYOVD technique to disable AV/EDR solutions on the infected systems. github.com/xM0kht4r/VEN0m…

Clandestine (@akaclandestine)

GitHub - j3h4ck/UnknownKiller: PoC exploit for the vulnerable (eb.sys or UnknownKiller.sys) – weaponized to kill protected EDR/AV processes via BYOVD. github.com/j3h4ck/Unknown…

Co11ateral (@co11ateral)

Abusing Cortex XDR Live to use a legitimate security solution as a C2 channel labs.infoguard.ch/posts/abusing_… #dfir #blueteam #redteam #pentesting #apt #threathunting

Panos Gkatziroulis 🦄 (@netbiosx)

apimspray - a specialized Entra ID Passwordspraying Toolkit designed for authorized security research and Red Teaming. It utilizes Azure API Management (APIM) gateways as a distributed, rotating proxy layer for IP Rotating github.com/crtvrffnrt/api…

Nav Singh (@heynavsingh)

🚨 Someone just open sourced a fully autonomous AI hacker and it's terrifying. It's called Shannon. Point it at your web app, and it doesn't just scan for vulnerabilities. It actually exploits them. Real injections. Real auth bypasses. Real database exfiltrations. Not alerts.

Panos Gkatziroulis 🦄 (@netbiosx)

Automated DLL Hijacking Detection Tool with Zero False Positives — Discovers, filters, and canary-confirms exploitable DLL hijacks on Windows with tiered confidence scoring github.com/ghostvectoraca…

Yaniv Radunsky (@hasamba)

VMkatz extracts Windows secrets (NTLM, DPAPI keys, Kerberos tickets, LSA secrets, NTDS.dit) directly from VM snapshots and virtual disks on NAS/hypervisors. Single ~2.5MB binary; supports .vmsn, .vmdk, .sav. #VMkatz #vmdk #ntlm github.com/nikaiw/VMkatz

eleven red pandas (@bytecodevm)

The article demonstrates how to hook COM methods in Windows Subsystem for Linux by leveraging C++ RTTI metadata to reconstruct class layouts and locate virtual methods, enabling precise COM instrumentation without symbols. core-jmp.org/2026/03/wsl-co…

Co11ateral (@co11ateral)

UnderlayCopy_bof BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing. No VSS, no Registry APIs, no PowerShell github.com/Muz1K1zuM/Unde… #blueteam #redteam #dfir
