Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile
Panos Gkatziroulis 🦄

@netbiosx

Red/Purple Teamer | Blogger | Director @pentestlabltd | Mod @ reddit.com/r/purpleteamsec | discord.gg/rR6FJBH

ID: 457095704

Link: http://ipurple.team | Date: 07-01-2012 01:06:39

13,13K Tweets

24,24K Followers

796 Following

Ricardo Ruiz (@ricardojoserf) 's Twitter Profile Photo

I wrote a short post about how you only need the NtReadVirtualMemory address for dynamic API resolution, plus how you could use a vulnerable binary to leak its address (and you would not have GetProcAddress, GetModuleHandle or LoadLibrary in the IAT) - github.com/ricardojoserf/…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

ControlSTUDIO - an adversary simulation framework made fully in Go, with support for malleable command and control (C2) profiles. github.com/zarkones/Contr… #redteam

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

FACADE: a high-precision deep-learning-based machine learning system used in a number of applications across Google. It is used as a last line of defense against insider threats, as an ACL recommendation system, and as a way to detect account compromise github.com/google/facade

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

ETWLocksmith - A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows registry github.com/olafhartong/ET…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

SpearSpray - an advanced password spraying tool designed specifically for AD environments. It combines user enumeration via LDAP with intelligent pattern-based password generation to perform controlled and stealthy password spraying attacks over Kerberos. github.com/sikumy/spearsp…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

DllShimmer - Weaponize DLL hijacking easily. Backdoor any function in any DLL without disrupting normal process operation github.com/Print3M/DllShi…

David (@dmcxblue) 's Twitter Profile Photo

Back from PTO and back on my Azure vulnerable lab project Function Apps, Runbooks, VMs, DBs, SPNs & more. Built to learn Azure and sharpen my Red Team. Works on Pay-As-You-Go (no P1/P2 needed). Hoping others find it useful! #redteam github.com/dmcxblue/Azure…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

Checks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system github.com/trailofbits/HV…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows Filtering Platform (WFP) github.com/0xJs/BlockEDRT…

Print3M // SecTube.tv (@print3m_) 's Twitter Profile Photo

I'm releasing my new tool: DllShimmer 🔥 Weaponize DLL hijacking easily. github.com/Print3M/DllShi… - backdoor any function, no reverse engineering - all functions proxied, no program crash - built-in debug info and mutex to every function - more... #redteam #malware #security

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

🎯 As a new article is being prepared, a quick recap of what has been posted over the last month! ⭐️ ipurple.team/2025/07/28/bad… ⭐️ ipurple.team/2025/08/04/lat… ⭐️ ipurple.team/2025/08/12/act…

Steven (@0xthirteen) 's Twitter Profile Photo

I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it specterops.io/blog/2025/08/1…