@kmahyyg@infosec.exchange
Starred repositories
GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)
A flexible distributed key-value database that is optimized for caching and other realtime workloads.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
windows-kernel-exploits: a collection of privilege escalation vulnerabilities for the Windows platform
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
Original Windows File Manager (winfile) with enhancements
Low-level unprivileged sandboxing tool used by Flatpak and similar projects
The Fast Lexical Analyzer - scanner generator for lexing in C and C++
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Packet, where are you? -- eBPF-based Linux kernel networking debugger
Simple (relatively) things allowing you to dig a bit deeper than usual.
eBPF implementation that runs on top of Windows
🌴 Linux, macOS, Windows kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (privilege escalation vulnerability collection)
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
Abusing impersonation privileges through the "Printer Bug"
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
A high performance HTTP proxy cache server and RESTful NoSQL cache server based on HAProxy
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.