🧱 easy and fast microVMs for running untrusted workloads

Linux kernel loader

iOS and macOS entitlement database

Custom GeForce Now Client Named OpenNOW

Yet another xpc sniffer

A delicious, but malicious SSL-VPN server 🌮

POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY

Exploiting Jackson deserialization vulnerability with 3 gadgets

A collection of my Semgrep rules to facilitate vulnerability research.

Binja (sort of) headless

Python tool for converting files and office documents to Markdown.

A Reflective Loader for macOS

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

A Go implementation of Cobalt Strike style BOF/COFF loaders.

build-once run-anywhere c library

Evasion by machine code de-optimization.

Collection of leaked system prompts

A Rust implementation of the Security Support Provider Interface (SSPI) API

headless terminal - wrap any binary with a terminal interface for easy programmatic access.

SwayFX: Sway, but with eye candy!

This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.

JSON parser for embedded systems: compact, in-place, malloc-free

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

bpftop provides a dynamic real-time view of running eBPF programs. It displays the average runtime, events per second, and estimated total CPU % for each program.

[ BOF-LAUNCHER ] -> an API for loading, executing and in-memory masking BOFs on Windows and Linux for use in C/Zig/Go/Rust agents/implants. [ Z-BEAC0N ] -> a custom-written stage-1 (aka pre-C2) sol…

🚨 slog: Loki handler

A library for loading and executing PE (Portable Executable) from memory without ever touching the disk