Starred repositories
Small and highly portable detection tests based on MITRE's ATT&CK.
Course materials for Modern Binary Exploitation by RPISEC
ClamAV - Documentation is here: https://docs.clamav.net
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
A tool to dump the login password from the current Linux user
Simple (relatively) things allowing you to dig a bit deeper than usual.
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Small tool to capture packets from wlan devices.
tiny, portable SOCKS5 server with very moderate resource usage
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Unified AppSync dynamic library for iOS 5 and above.
The venerable cdecl, with Apple blocks support
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
Awesome CSIRT is a curated list of links and resources in security and CSIRT daily activities.
LPE exploit for CVE-2023-21768
Redirects the standard usbmuxd socket to allow connections to local and remote usbmuxd instances so remote devices appear connected locally.
ssldump - (de-facto repository gathering patches around the cyberspace)
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!