Pentesting
A fileless C2 framework written in pure x64 Linux Assembly with zero libc dependencies. Features dynamic protocol pivoting between raw ICMP sockets and DNS (UDP/53) via in-memory VTable manipulation. 100% direct syscalls, no disk writes, and strict mathematical packet authentication.
Reverse proxy for Claude Code that anonymizes sensitive pentest data (IPs, hashes, credentials, hostnames, PII) before it reaches Anthropic. Dual-layer detection: local Ollama LLM + regex safety net, with per-engagement vault and self-improving feedback loop.
Full static analysis of HyperHives macOS Rust infostealer — 571 decrypted config values, C2 infrastructure, DPRK/Contagious Interview attribution, YARA/Sigma rules, STIX 2.1 bundle, ATT&CK Navigator layer
A stealthy loader for shellcode staged with http/https like Sliver
The most autonomous pentesting AI on the market. MCP server + Python agents with 150+ security tools, exploit chaining, and PoC validation.
AI-powered penetration testing assistant using local LLM on linux (Parrot OS)
FOFA Hacking Queries - API Key Hunter
Autonomous CTF solver that races multiple AI models in parallel. 1st place BSidesSF 2026.
RTOSploit is a security testing framework purpose-built for embedded RTOS firmware. It combines static analysis, CVE correlation, vulnerability assessment, exploit and payload generation, peripheral firmware auto-rehosting, grey-box fuzzing, and automated reporting - all running entirely in software via QEMU emulation.
SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPN + iptables traffic redirection to proxy (Burp Suite / mitmproxy)
PowerShell reverse-shell payload generator engineered to bypass Windows Defender and AMSI.
MCP server that connects AI assistants to HackerOne for bug bounty hunting
Convert your HackerOne reports into reusable AI skills.
AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
Get shell to almost any OpenClaw host machine.
We took PersistenceSniper, merged it with Python, and misspelled it on purpose. Meet PyrsistenceSniper.
Adaptix C2 agent using Crystal Palace PIC linker and PICO module system
Open-source Windows credential audit tool — extracts NTLM hashes from SAM/SYSTEM hives, cracks passwords using Hashcat, and tests password strength. Generates TXT, JSON, and HTML reports.
The Inescapable Auditor -- iterative deep-logic security audit agent for Claude Code