Glass - a fast and free IDA Pro alternative

This project aims to compare and evaluate the telemetry of various EDR products.

A Python module to bypass Cloudflare's anti-bot page.

A tool to help query AD via the LDAP protocol

simple PE packer/crypter for Windows. compresses and encrypts executables with a custom virtual machine into a self-extracting stub.

Native multi-arch disassembler & decompiler - PE/ELF/Mach-O, x86/x64/ARM64, Lua scripting, RTTI recovery

Brovan is a user-mode x86_64 binary emulator for your malware analysis & reverse engineering.

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Debugger plugin for IDA Pro backed by the Unicorn Engine

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, T…

Another Windows Local Privilege Escalation from Service Account to System

Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.

High-performance Solana Program Fuzzer written in Rust with LibAFL/LiteSVM backend with sBPF edge coverage and state coverage

PowerShell Pass The Hash Utils

RTSPhuzz - An RTSP Fuzzer written using the Boofuzz framework

SDK for automating Ghidra from Python, Rust, and C++. Decompile, rename, annotate, inspect symbols/types/xrefs, and manage project lifecycle programmatically - treat Ghidra like infrastructure, not…

A fully syscalled C/C++ userland anti-debugging library and CLI for Windows, designed to protect software from reverse engineering with a focus on stealth.

Process Injection using Thread Name

Open-source, community-driven agent harness

PDF/Image to Markdown converter using Claude Code leveraging vision

C++ ggml runtime hub for multilingual ASR models: Cohere Transcribe, Parakeet TDT, Voxtral, Canary 1B v2, etc, plus universal forced alignment via NeMo Forced Aligner-style CTC, and others. Fork of…

Windows Console Docs Repo

Various Cobalt Strike BOFs

A simple i18next backend for locize.com which can be used in Node.js, in the browser and for Deno.

Reverse of OpenAI Privacy Filter: same 1.5B model, returns PII as structured spans instead of masking.

The headless browser for AI agents and web scraping