SilentButDeadly neutralizes EDR/AV by blocking their network access via WFP without terminating processes, enabling network isolation and preventing updates or telemetry

Projects for security students

Containers are an effective way to configure, deploy, and use Red Team tools

A community database, API and collaboration platform to help identify and protect against open source malware

AI-powered workflow automation and AI Agents for AppSec, Fuzzing & Offensive Security Official site

GhostBuilder is a payload generator tool for creating Android, Windows, Linux, macOS, and iOS payloads using Metasploit. It can also inject payloads into existing APK files and sign them automatically

– Create payloads for Android, Windows, Linux, macOS, and iOS
– Inject payloads into real APKs
– Auto-install and check missing dependencies
– Sign and zipalign Android APKs
– Simple menu-based interface

This repository contains a PoC for a program that utilizes ETW to leak kernel memory addresses

A modern download manager that supports all platforms. Built with Golang and Flutter.

A dependency‑free Python3 Command & Control framework for redteam persistence, built to run on systems without installing packages. It comprises a Flask team server, an Electron operator GUI, and a single‑file Python agent that communicates over HTTP/HTTPS using configurable AES‑encrypted JSON messages. Use it to execute commands, manage files, maintain access, and create SSH reverse tunnels from compromised systems.

#Cloudflare has started blocking proxy tools like Burp Suite. If you encounter this error, download the Bypass Bot Detection extension from the BApp Store in Burp Suite. It should resolve the issue for Burp Suite.

RCE vulnerabilities in three extensions that were written, published, and promoted by Anthropic themselves - the Chrome, iMessage, and Apple Notes connectors

Since v0.32.2, editing requires user approval