Open Source Software Contributions
| Link to Contributions | Project Description |
| :--|:--|
| redcanaryco/atomic-red-team | Unit tests for defensive organizations|
| proxychains4 | CLI for proxying non-proxy-aware tools|
| kolide/fleet | Federated OSQuery Platform|
| kerbrute | Golang Post-Exploitation utility for interacting with Kerberos |
| empire | Python/Powershell C2 Framework|
| merlin | Golang C2 Framework|
| evilginx2 | Phishing proxy server capable of bypassin 2FA by harvesting cookies|
| shhgit | Git history secret scraper|
| flamingo | Adversarial HoneyPot|
| wifi pineapple modules| WiFi Exploitation Hardware Platform|
| metasploit|Popular Exploitation Framework|
| WhatWeb | Screenshotting Web Scanner |
| go-winacl | Ports Windows Security Descriptor parsing to Golang|
| ldsview | Extract and Query LDAP directories offline |
| sadad | Unreleased: Golang Active Directory attack platform |
Some Personal Projects
| Repo Link | Project Description |
| ---|---|
| nx | a tmux-driven, scriptable reverse shell manager with a multiplexing identity crisis (Go)|
| lpegopher | automate finding vulnerable PE dependencies using neo4j (Go)|
| mcpmap | enumerate and trigger tools from remote MCP servers |
| dllexical | Small workbench for simplfying DLL hijack payload generation by adding DLL Forwards to binaries (Go)|
| dllinquent | ioutil.Scanner interface for walk PE PEBs (Go) |
| rpcls | Pull loaded DLLs from the PEB, imported funcions from the in-memory IAT to see if the process is hosting RPC (Go)|
| ino | PE parser that extracts Imports, Exports, Forwards to Cypher-friendly JSON for Neo4j ingestion (Go)|
| gorsh | Toy malware and reverse shell for CTFs. Includes enum scripts and exfil options (Go)|
| passdb-frontend | Svelte.js frontend for pivoting around public password dumps (JS)|
| passdb-backend | API for passdb-frontend using GCP BigQuery as its data source (Go)|
| letsproxy | one-liner reverse proxy that generates tls certs (Go)|
| doxycannon | Use docker to spin up concurrent VPNs and rotate traffic through them (Python)|
| holeysocks | Module for implementing reverse socks through SSH (Go)|
| git-ls | Map GitHub (and Enterprise) Access Token relationships, pull all private repos to which the token has been given access (Go)|
| kh | CLI to test validity of various API service tokens (Go)|
| sudophisher | ASKPASS programs for stealing git, ssh, sudo passwords (Go)|
| doubletap | Headless browser for evaluating JS to defeat dynamic nonces, etc for password spraying (Ruby/Docker)|
| amnesia | wipes free memory to mess with the likes of Encase, Volatility, etc (Go)|
| msldapuac | A package for retrieving values from the Microsoft LDAP property UserAccountControl|
| davil | Intranet Zone breakout - leak net-ntlm hashes over the internet|
| hearsay | A proxy-aware reverse HTTP proxy and concentrator|