Skip to content
View qi4L's full-sized avatar
喝点咖啡<( ̄︶ ̄)↗[GO!]
喝点咖啡<( ̄︶ ̄)↗[GO!]

Organizations

@Qi4l-Labs

Block or report qi4L

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
61 stars written in C
Clear filter

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

C 25,496 3,200 Updated Mar 31, 2026

A little tool to play with Windows security

C 21,391 4,054 Updated May 11, 2025

A free Windows-compatible Operating System

C 17,370 2,088 Updated Apr 8, 2026

Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.

C 15,094 1,606 Updated Apr 8, 2026

Direct Memory Access (DMA) Attack Software

C 7,548 987 Updated Apr 8, 2026

Defeating Windows User Account Control

C 7,479 1,419 Updated Feb 17, 2026

The Minimalistic x86/x64 API Hooking Library for Windows

C 5,675 1,048 Updated Nov 3, 2025

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

C 4,529 737 Updated Jul 8, 2025

MemProcFS

C 4,080 515 Updated Mar 25, 2026

eBPF implementation that runs on top of Windows

C 3,467 285 Updated Apr 8, 2026

Transparently tunnel your IP traffic through ICMP echo and reply packets.

C 3,246 352 Updated Apr 12, 2022

An LLVM/Clang/LLD based mingw-w64 toolchain

C 2,737 252 Updated Apr 7, 2026

generate CobaltStrike's cross-platform payload

C 2,554 375 Updated Nov 20, 2023

Vmware Hardened VM detection mitigation loader (anti anti-vm)

C 2,227 523 Updated Dec 2, 2022

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

C 2,126 458 Updated Apr 6, 2026

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

C 2,007 505 Updated Jul 13, 2022

Windows Event Log Killer

C 1,813 306 Updated Sep 21, 2023

A little toolbox to play with Microsoft Kerberos in C

C 1,514 222 Updated Dec 14, 2021

基于eBPF的堆栈追踪工具

C 1,392 270 Updated Jan 11, 2026

A memory-based evasion technique which makes shellcode invisible from process start to end.

C 1,198 140 Updated Oct 16, 2023

Original C Implementation of the Hell's Gate VX Technique

C 1,178 134 Updated Jun 28, 2021

Another Windows Local Privilege Escalation from Service Account to System

C 1,166 134 Updated Jan 9, 2021

Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)

C 1,128 324 Updated Aug 2, 2019

Literally, the perfect injector.

C 982 199 Updated Apr 13, 2023

Minimalistic VT-x hypervisor with hooks

C 938 278 Updated Oct 18, 2019

Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64

C 818 197 Updated Apr 7, 2024

A .NET Runtime for Cobalt Strike's Beacon Object Files

C 774 110 Updated Sep 4, 2024

TartarusGate, Bypassing EDRs

C 661 86 Updated Jan 25, 2022

Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent

C 639 199 Updated Dec 26, 2024

Cobalt Strike HTTPS beaconing over Microsoft Graph API

C 629 99 Updated Jun 25, 2024
Next