15 Repos
Capabilities for running custom scripts or system commands directly on a target machine.
Distinct from Command Execution: Distinct from Command Execution: focuses on the security-oriented execution of arbitrary commands for remote control.
Explore 15 awesome GitHub repositories matching development tools & productivity · Arbitrary. Refine with filters or upvote what's useful.
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
Runs custom scripts or system commands directly on a target machine to facilitate remote control.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Identifies signed binaries that load and execute specified DLLs from arbitrary paths.
twin.macro is a build-time style compiler and utility-first styling tool that converts Tailwind CSS utility classes into optimized style objects for JavaScript styling libraries. It acts as an integration bridge, allowing developers to use Tailwind design tokens and utility classes within a component-based architecture. The project distinguishes itself by performing transformations during the compilation phase rather than at runtime. It maps utility strings to CSS-in-JS engines such as Emotion and Styled Components, resolving design tokens directly from a Tailwind configuration file to ensure
Defines one-off CSS properties and values using special notation for styles outside the standard utility set.
UACME is a set of specialized tools designed to audit security configurations, escalate user privileges, and circumvent access control restrictions on Windows systems. It functions as a utility for executing commands with elevated privileges by bypassing User Account Control restrictions. The project includes a configuration auditor used to extract and analyze system settings to identify security misconfigurations and vulnerabilities. It provides a collection of techniques for gaining administrative rights on a host. The toolset covers a wide range of privilege escalation and security auditi
Utilizes DLL loading from non-standard paths to intercept trusted binaries with administrative rights.
Tailwind CSS Typography is a plugin for the Tailwind CSS framework that provides hand-tuned typographic defaults for blocks of vanilla HTML content, such as content from Markdown or a CMS. It applies beautiful prose styles to HTML content using a single class, eliminating the need for custom CSS to style rich text. The plugin distinguishes itself by offering deep customization and control over typography. Users can adjust the overall font size of prose content across five predefined sizes, select from five built-in gray-scale palettes to match a project's color scheme, and seamlessly adapt ty
Creates one-off utility classes by allowing arbitrary CSS values directly in square bracket syntax within HTML.
Genkit is an open-source framework for building AI-powered applications. It provides a unified interface for connecting to hundreds of generative AI models from multiple providers, enabling text, image, audio, and video generation through a single API. The framework structures multi-step AI interactions—including chat, retrieval-augmented generation, tool use, and agentic workflows—as composable, traceable flows with built-in streaming and state management. The framework distinguishes itself through a comprehensive developer toolkit that includes a command-line interface and a local developer
Executes flows directly from the command line for testing or ad-hoc tasks.
tailwind-merge is a utility library that resolves conflicting Tailwind CSS class strings when combining multiple sets of classes. It automatically detects and removes conflicting utility classes, keeping only the last class from each group that modifies the same CSS property, while preserving non-conflicting and non-Tailwind classes unchanged. The library handles complex conflict scenarios including modifier-order resolution, arbitrary value type detection, postfix modifier semantics, and asymmetric conflicts where one class group removes preceding classes from other groups but not vice versa
Merges classes with arbitrary values, automatically detecting their type and resolving conflicts.
LXD is a unified platform for managing both system containers and virtual machines through a single REST API and command-line interface. It provides a programmatic HTTP interface for controlling the full lifecycle of instances, enabling automation and integration with external tools. The system runs unprivileged containers with per-instance UID/GID mappings, seccomp filters, and AppArmor profiles for kernel-level isolation, while supporting multiple storage backends including directory, Btrfs, LVM, ZFS, Ceph, LINSTOR, and TrueNAS through a unified driver interface. The platform distinguishes
Runs arbitrary API requests from the command line to inspect or interact with the system.
ZenML is an extensible machine learning orchestration framework designed to manage the end-to-end lifecycle of data pipelines and AI agent workflows. It functions as a durable orchestrator that executes machine learning tasks as directed acyclic graphs, ensuring that every step is containerized for consistent performance across local, cloud, and hybrid infrastructure. By decoupling pipeline code from underlying compute and storage backends, the platform allows developers to define infrastructure-agnostic stacks that remain portable across diverse environments. The project distinguishes itself
Triggers execution of a specific flow version or tagged route via CLI, SDK, or HTTP requests to initiate remote processing tasks.
ZenML is an orchestration platform designed for building, deploying, and monitoring reproducible machine learning pipelines and agentic workflows. It provides a unified framework that manages the entire lifecycle of machine learning assets, from data processing and model training to the deployment of persistent inference services. By decoupling pipeline logic from underlying compute and storage, the platform enables teams to transition workflows seamlessly from local development environments to production-grade cloud infrastructure. The platform distinguishes itself through a service-oriented
Provides CLI commands to trigger specific versions or tagged routes of deployed machine learning flows.
Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules. What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each
Executes shell commands, PowerShell scripts, .NET assemblies, and Beacon Object Files on target systems.
Evans ist ein gRPC-Client und API-Explorer, der für das Testen, Debuggen und Automatisieren von Remote Procedure Calls entwickelt wurde. Er fungiert als interaktiver Client und zustandsloses Kommandozeilen-Utility für die Ausführung von gRPC-Methoden und die Inspektion von Remote-Server-API-Oberflächen. Das Tool bietet spezialisierte Unterstützung für das gRPC-Web-Protokoll, um die Kommunikation mit Web-basierten Implementierungen zu erleichtern. Es ermöglicht die Entdeckung von Diensten und Nachrichtenstrukturen durch Server-Reflection oder Definitionsdateien und unterstützt das Management von Unary-, Client-Side-, Server-Side- und bidirektionalen Streaming-Kommunikationen. Das Projekt deckt das Request-Management durch benutzerdefinierte Metadaten-Header und die Handhabung komplexer Feldtypen wie Arrays, Enums und Base64-kodierte Bytes ab. Es nutzt JSON-basierte Repräsentationen für Ein- und Ausgaben, um maschinenlesbare Ergebnisse und Datei-basierte Request-Automatisierung zu ermöglichen.
Provides a command line interface for running requests that accept input from files and output results as JSON.
LoadLibrary is a binary instrumentation framework that loads and executes Windows PE/COFF DLLs natively within Linux processes. It provides a cross-platform binary execution layer that maps Windows portable executable files into Linux memory, resolving imports and relocations so that exported functions can be called as if they were native Linux library routines. The framework enables runtime interception and modification of Windows DLL function behavior, including redirecting API calls to Linux-native implementations through a binary patching hook engine. It includes a code coverage auditor t
Loads Windows PE/COFF DLLs into a Linux process, resolving imports and relocations for native execution.
Thunder Client is a REST API client extension for VS Code that functions as an HTTP request manager, testing tool, and mocking workspace. It allows users to send requests, organize them into collections, and manage API configurations directly within the editor. The project distinguishes itself through a command-line interface for executing automated test suites in CI/CD pipelines and a Git-based synchronization system for sharing request collections and environment configurations across teams. It also incorporates artificial intelligence to automate the conversion of API scripts during migrat
Allows automated execution of entire API request collections via a CLI for CI/CD integration.
OffensiveNim is a red teaming framework and post-exploitation toolkit developed in Nim. It provides a collection of low-level primitives and a Windows API wrapper designed for offensive security operations, including malware development and shellcode loading. The project focuses on evasion and obfuscation through techniques such as API unhooking, direct system calls, and anti-debugging mechanisms. It features diverse payload delivery methods, including reflective binary loading, the execution of .NET assemblies via CLR hosting, and various shellcode injection techniques using fibers, COM obje
Builds dynamic link libraries with exported entry points and custom initialization logic.