We are happy to share a number of tools with the public. For the latest information and versions, please check us out on GitHub. We welcome and encourage contributions to our public tools.


Nettitude’s PoshC2 is a PowerShell based Command & Control system designed for ease of use, extensibility and reliability.


Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell. SharpSocks can be used with any C2 framework.

XSS Payloads

Fire something more meaningful than alert(1) at your victims!  This repository is frequently updated with new attacks.


Pbind was created to overcome lateral movement problems, specifically in restricted environments where the server VLAN could not directly talk to the user VLAN.


Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment. Supports iOS and Android.


An IE Post Exploitation Library that can be used standalone or with C2 frameworks.

PowerThIEf works with Internet Explorer.


A useful command line data harvesting tool to help alleviate some of the more time consuming reconnaissance tasks.

Microsoft Logparser Query Files

A set of queries for sysmon log files that will process each of the Event types that sysmon records.


ZeroPress provides a way to quickly catch critical impact ‘low hanging fruit’ vulnerabilities in WordPress. Useful for web application penetration tests.


Rocktastic is a word list of over one billion words and is based on real passwords and patterns observed in the wild.