| 🎯 Role | Offensive Security Researcher & Full-Stack Developer |
| 🔴 Red Team | Red team operations, adversary simulation, pentesting |
| 🕷️ Web Security | Auditing of web apps, CMS, panels, forum systems |
| 📧 Email Security | SMTP, IMAP, POP3 infrastructure auditing |
| 🦀 Malware Analysis | Ransomware analysis, reverse engineering, IoC extraction |
| 🔑 Credential Auditing | Multi-service verification: hosting, mail, CMS, network protocols |
| 🌐 Full-Stack Dev | Laravel 12 · Android (Kotlin) · PostgreSQL · MySQL · Bootstrap 5 |
| 💬 Forum & ERP Systems | XenForo-style forums · POS/ERP systems · enterprise web apps |
| 💻 Languages | C# · Python · Rust · PHP · Kotlin · Node.js · PowerShell · Bash |
💀 AdaptixC2 v1.1 — Post-Exploitation C2 Framework (Compiled)
Extensible Command & Control framework for authorized red team operations. Go teamserver + Qt6 C++23 GUI client. Pre-compiled Windows binary available in Releases — no build required.
Server: Go 1.25.4 · Gin-Gonic · WebSocket · JWT · SQLite · TLS/HTTP2
Client: Qt6 C++23 · KDDockWidgets · VT102 Terminal · AxScript Engine
Listeners: HTTP/S · DNS/DoH · SMB · TCP · Gopher (mTLS)
Features: SOCKS4/5 · Port Forwarding · BOF Support · Pivot Graph
Credential Vault · File/Process Browser · Screenshot Capture
Multi-operator · Telegram/Slack Hooks · KillDate · WorkingTime
Compiled: Pre-built Windows client in GitHub Releases (50 MB ZIP)
Docs: adaptix-framework.gitbook.io/adaptix-framework
⚡ MultiChecker v0.5 — 20-Service Credential Checker
GUI tool verifying credentials across 20 services with adaptive AIMD threading. Auto-detects services via DNS + port scanning.
Hosting Panels → cPanel · WHM · DirectAdmin · Plesk
Database → phpMyAdmin · Adminer
CMS → WordPress · Joomla · Magento · WHMCS
Email → SMTP · IMAP · POP3
Remote Access → SSH · FTP · OWA · RDWeb
Storage → OwnCloud · Synology DSM · Router Devices
📧 MassEmailSender v1.0 — Enterprise Email Distribution Platform
Professional bulk email platform with 8 SMTP providers, distributed workers, proxy rotation, open/click tracking and HTML conversion.
Providers: Single SMTP · Mailgun · Brevo · SendGrid
Office 365 Graph API · O365 Box-to-Box · AWS SES · cPanel
Features: 16 dynamic tags · Email verification · QR Generator · HTML→PDF/DOCX
🕷️ WpShellUploader v2.0 — WordPress Audit Tool
WordPress security auditing with 9 shell upload vectors and work-stealing thread pool with AIMD control.
🌐 WpManager — WordPress Site Manager
Professional WPF manager for WordPress sites — multi-thread validation, post/page management, bulk editing, spintax articles, OpenAI integration and SQLite persistence.
🐍 MultiCheckerMAX v0.5 — 19-Service Credential Verifier
Python credential verifier supporting 19 services with TeraExecutor high-performance engine, smart auto-detection (DNS + port scan), unlimited threading and proxy/Tor support.
Services: cPanel · WHM · Plesk · DirectAdmin · WordPress · Joomla · Magento
phpMyAdmin · Adminer · SMTP · IMAP · POP3 · SSH · FTP
OWA · OwnCloud · WHMCS · RDWeb · Synology DSM
Modes: Normal · TeraExecutor · Hybrid (adaptive)
Proxy: HTTP · SOCKS5 · Tor (socks5h://localhost:9050)
Download: Pre-compiled .exe available in Releases (no Python required)
Collection of Python security tools: SMTP verifier with PySide6 GUI · Laravel .env exposure scanner (590+ path patterns) · Multi-thread cPanel auditor
💀 CVE-2025-60709 — Windows CLFS Local Privilege Escalation
LPE exploit PoC targeting Windows 11 24H2 (build 26100.3485+). Buffer overflow in CLFS.sys container parsing → arbitrary kernel memory write primitive → SYSTEM token theft. C native + Go demo. ETW/AMSI bypass included.
CVE: CVE-2025-60709 — CLFS.sys buffer overflow
Target: Windows 11 24H2 (build 26100.3485+) — x64
Chain: CLFS container overflow → CClfsContainerContext fake struct
→ arb write to kernel → EPROCESS token overwrite → SYSTEM
Evasion: KillETW() · KillAMSI() · REALTIME_PRIORITY · Heap grooming (4096 files)
Offsets: EPROCESS_TOKEN=0x4C0 · EPROCESS_PID=0x440 · EPROCESS_LINKS=0x448
Payload: 1789-byte C2 beacon (IPv6+DoH · Gmail drafts fallback · sRDI)
Docs: YARA rules · IOCs · behavioral detection · HVCI/kCFI mitigations
🪟 CyberLogs — Windows Infostealer Sample (Research Only)
Full-featured Windows credential harvester disguised as ChromeSetup.exe. C# .NET 4.8. Extracts passwords, cookies, crypto wallets, password managers, Discord/Steam/Telegram tokens. Exfiltrates via HTTP or Telegram bot.
Browsers: 14 Chromium variants (Chrome/Edge/Brave/Opera...) + Firefox
AES-256-GCM · Windows DPAPI · CNG NCrypt decryption
Wallets: 30+ crypto wallets (MetaMask, Phantom, Exodus, Electrum...)
Browser extension LevelDB + desktop wallet files
PwdMgrs: LastPass · 1Password · Bitwarden · KeePass · Dashlane
Windows Credential Manager (CredEnumerate P/Invoke)
Tokens: Discord · Telegram tdata · Steam config.vdf + ssfn
UAC: fodhelper.exe · computerdefaults.exe · eventvwr.exe (3 methods)
Stealth: Costura Fody single EXE · FreeConsole() · Fake Google LLC identity
Docs: IOCs · YARA rules · PowerShell detection · Mitigation guide
🍎 GlassWorm — macOS Infostealer Sample (Research Only)
macOS credential harvester targeting developers. Solana blockchain C2 for resilient command & control. Steals Keychain, browser cookies/passwords, SSH keys, AWS credentials and GitHub/NPM tokens.
C2: Solana blockchain (BjVeAjPrSKFiingBn4vZvghsGj9KCE8AJVtbc9S8o8SC)
Steals: macOS Keychain · Safari/Chrome/Firefox cookies · SSH keys
AWS credentials · GitHub tokens · NPM tokens · Documents
Persist: LaunchAgent plist · Custom Node.js install · AppleScript bypass
Docs: IOCs · YARA rules · Network detection · Mitigation guide
📱 DarkSword-RCE — iOS 18.4-18.6 Safari WebKit RCE Exploit (Research Only)
Drive-by RCE exploit kit for iOS 18.4–18.6. Multi-stage chain: JavaScriptCore memory corruption → WebKit sandbox escape via GPU process → Mach kernel privilege escalation. 38,652 lines, ~2.2 MB.
Target: iOS 18.4 / 18.6 / 18.6.1 / 18.6.2 — Safari/WebKit
Chain: JavaScriptCore → GPU sandbox escape → Privilege escalation
Tech: Memory primitives (read64/write64) · PAC bypass · ROP/JOP gadgets
Obj-C runtime manipulation · Mach kernel APIs · dlopen tricks
Docs: IOCs · YARA rules · Network detection · Mitigation guide
🦀 SkullLocker-Linux — Ransomware Sample (Research Only)
Linux ransomware sample in Rust for malware analysis and defensive research. Includes YARA rules, IoCs, auditd/Falco rules and incident response guides.
Crypto: ChaCha20-Poly1305 + X25519 ECDH key exchange
Purpose: Isolated lab environments only
Docs: YARA rules · IoC extraction · Behavioral detection · Falco rules
🤖 BotnetGo — Go+C DDoS Botnet Framework (Research Only)
Multi-architecture DDoS botnet framework with Go bot + C bot (alternative) and CNC server. Supports 8 flood methods, 6 cross-compiled architectures and Mirai-compatible C2 protocol. For defensive research and detection engineering only.
CNC: TCP :420 (operators) · TCP :7002 (bots) · Plaintext C2
Attacks: udpflood · udpsmart · tcpflood · synflood
ackflood · greflood · dns · http
Bot Go: 2024 workers · gopacket · miekg/dns · systemd persistence
Bot C: 1024 pthreads · raw sockets · POSIX · cron redundancy
Arches: x86 · armv7l · armv5l · armv8l · mips · mipsel
Docs: IOCs · YARA rules · Suricata rules · Mitigation guide
MultiPass: IMAP/POP3 credential verifier with SQLite DB of 500+ providers, inbox keyword search. MultiSMTP: SMTP validator with real send verification: TCP pre-check → auth → test email.
🏪 POS-System — Complete ERP / Point of Sale
Full POS & ERP system with Laravel 12 backend, PostgreSQL database and native Android app. Multi-warehouse, RBAC, inventory, sales, customers and suppliers.
Backend: Laravel 12 · PHP 8.2+ · Spatie RBAC · Vite · REST
Database: PostgreSQL 14+ · 25+ tables · UUID · JSONB · Soft Deletes
Android: Kotlin · SDK 26+ · ML Kit Barcode · Biometrics AES-256
Modules: Products · Inventory · Sales · POS Sessions · Customers
Suppliers · Multi-warehouse · Purchase Orders
💬 XenForo-Forum — XenForo-Style Forum on Laravel 12
Complete forum system replicating XenForo with Laravel 12 and a dark Bootstrap 5.3 theme. 82-table MySQL schema with Nested Set hierarchy, 6-type reactions, private messages, polls, full-text search and moderation system.
Backend: Laravel 12 · PHP 8.2+ · 16 Eloquent models · 61 routes
Frontend: Bootstrap 5.3 · Tailwind CSS 4.0 · Font Awesome 6
Database: MySQL 5.7+ · 82 tables (xf_ prefix) · FULLTEXT search
Modules: Forums · Threads · Posts · Reactions (×6) · Private Messages
Alerts · Profiles · Moderation · Polls · Attachments
Trophies · Tags · Bookmarks · Reports · Search · Nested Set
WordPress plugin blocking public access to uploads/ to prevent shell execution and unauthorized file access.
🛡️ BypassCloudfareWAF — Cloudflare WAF Bypass Wrapper
Bash curl wrapper that impersonates Chrome 131 to bypass Cloudflare WAF and other web firewalls. Returns content to stdout for direct integration with pentesting pipelines.
Method 1: curl + Chrome 131 headers / HTTP2 / TLS 1.3 (warm-up + real request)
Method 2: cloudscraper Python — resolves Cloudflare JS Challenge, extracts cf_clearance
Method 3: Origin IP discovery — DNS history + subdomain scan → Total WAF bypass
Method 4: Header spoofing — X-Forwarded-For / True-Client-IP: 127.0.0.1
Pipeline: stdout → sqlmap · ffuf · nikto · grep · jq
If my tools help your security research, pentesting, or development — consider sponsoring to keep the projects active and receive early access to new tools and priority support.
| Network | Address |
|---|---|
| USDT TRC20 | TVhLJNij6KYgkhAu1nH1suh2YwDnDVV7pG |
| BTC | 1FGeEqNZwqWKt9sxj1zycNf2NhMeGhCrTa |
| Tier | Amount | Benefits |
|---|---|---|
| ☕ Coffee | $5/mo | Name in SPONSORS.md of all repos |
| 🛡️ Supporter | $15/mo | Early access to new tools + Coffee benefits |
| 🔥 Pro | $50/mo | Priority support + pre-release builds + Supporter benefits |
| 🏆 Enterprise | $200/mo | Custom features, logo in README + Pro benefits |
🔒 Private channel with access to new tools, early releases, offensive security tutorials and direct support.
All tools published here are for authorized security research, ethical pentesting, and controlled educational environments only. Never use against systems without explicit written authorization from the owner. Misuse may violate the CFAA, Computer Misuse Act, GDPR and equivalent laws in your jurisdiction. Authors assume no liability for misuse.