The Shelf is a repository containing various tools, exploits, and scripts that I’ve gathered over the years. These are small but useful utilities for hacking, automation, and configurations that didn't justify their own repo but are too handy to lose. Useful for quick tasks, testing, or competitive hacking.
☆33Feb 16, 2026Updated 2 weeks ago
Alternatives and similar repositories for shelf
Users that are interested in shelf are comparing it to the libraries listed below
Sorting:
- ☆23Dec 31, 2025Updated 2 months ago
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated 11 months ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 8 months ago
- A TUI for Active Directory collection.☆94Feb 17, 2026Updated last week
- RPC to WebClient startup☆55Aug 19, 2025Updated 6 months ago
- Request device ticket/token using the device's MSA☆38Aug 25, 2025Updated 6 months ago
- Our Tips&Tricks☆128Feb 17, 2025Updated last year
- Tiny and fast port scanner (Sliver edition)☆27Feb 17, 2026Updated last week
- Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…☆17Jul 3, 2025Updated 8 months ago
- SCEP request tool for AD CS and Intune☆73Oct 24, 2025Updated 4 months ago
- PoC that downloads an executable from a public SSL certificate☆136Jul 27, 2025Updated 7 months ago
- A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document befor…☆20Sep 27, 2024Updated last year
- some of the commands I usually use when doing HTB machines☆53Jan 1, 2024Updated 2 years ago
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base��…☆47Oct 3, 2025Updated 5 months ago
- TorrentSpyder is a command-line utility designed to retrieve Torrent Download History based on a specified IP address.☆17Oct 19, 2024Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆326Oct 20, 2025Updated 4 months ago
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆54Mar 11, 2025Updated 11 months ago
- ☆22Dec 1, 2025Updated 3 months ago
- ULPatch is open source user space live patch tool.☆13Jan 11, 2026Updated last month
- Group Policy Objects manipulation and exploitation framework☆292Dec 7, 2025Updated 2 months ago
- ☠️ Code for the Defcon Workshop☆23Aug 6, 2024Updated last year
- Hotkey-based keylogger for Windows☆32Oct 17, 2024Updated last year
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆63Dec 25, 2025Updated 2 months ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆92Feb 22, 2026Updated last week
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)☆129Oct 23, 2025Updated 4 months ago
- ☆141Sep 9, 2025Updated 5 months ago
- Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth☆121Oct 20, 2025Updated 4 months ago
- Styx is an cross-platform GUI interface for HackTheBox made in GoLang☆28Feb 8, 2026Updated 3 weeks ago
- All around cracking wordlist.☆31Oct 25, 2023Updated 2 years ago
- ☆29Sep 4, 2024Updated last year
- UAC Bypass using CMSTP in Rust☆35Dec 6, 2024Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆200Nov 12, 2024Updated last year
- ☆47Dec 5, 2025Updated 2 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆131Aug 23, 2025Updated 6 months ago
- A structured fuzzing framework built in Rust☆31Oct 10, 2022Updated 3 years ago
- ☆159May 5, 2025Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Commandline spoofing on Windows☆94Nov 25, 2025Updated 3 months ago