Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527

Windows memory hacking library

LoadLibrary for offensive operations

Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain

A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.

A collection of weird ways to execute unmanaged code in .NET

Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

Get file less command execution for lateral movement.

Windows Privilege Escalation from User to Domain Admin.

Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS using sockets.

Resolve syscall numbers at runtime for all Windows versions.

Privilege Escalation Enumeration Script for Windows

A .NET Runtime for Cobalt Strike's Beacon Object Files

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A .NET Framework 4.0 Windows Agent

Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

Example RPC service for blog post

A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.

Cobalt Strike Malleable C2 Design and Reference Guide

This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A super small jsp webshell with file upload capabilities.

Adversary Tactics - PowerShell Training

easy-to-use payload hosting

CVE-2020-0601 #curveball - Alternative Key Calculator

Defeating Windows User Account Control

Automate the creation of a lab environment complete with security tooling and logging best practices

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

A collection of links related to VMware escape exploits