• EthWalletSecurity is an interactive site exploring the attack surface of MetaMask, the Chrome extension serving as a wallet store and Ethereum client.
  • CheckPlease CheckPlease is the go-to repository for the newest implant security modules. It is payload-agnostic, meaning every check is written in C, C#, PowerShell, Python, Ruby, Go, and Perl.
  • DLL Injector.c A basic Windows DLL injector in C using CreateRemoteThread and LoadLibrary. Implemented for educational purposes.
  • SessionGopher.ps1 SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.