Skip to content
View thecybermafia's full-sized avatar
15 followers · 16 following

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: StarstruckAchievement: Pull Shark

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: StarstruckAchievement: Pull Shark

Block or report thecybermafia

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

36 stars written in C
Clear filter

RogueMaster / flipperzero-firmware-wPlugins

Forked from flipperdevices/flipperzero-firmware

RogueMaster Flipper Zero Firmware

C 5,972 589 Updated Nov 6, 2025

containers / bubblewrap

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

C 4,961 266 Updated Aug 4, 2025

gtworek / PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

C 3,414 549 Updated Oct 20, 2025

Adaptix-Framework / AdaptixC2

C 2,283 413 Updated Oct 30, 2025

antonioCoco / RemotePotato0

Windows Privilege Escalation from User to Domain Admin.

C 1,421 222 Updated Dec 18, 2022

xaitax / Chrome-App-Bound-Encryption-Decryption

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

C 1,128 192 Updated Nov 6, 2025

netero1010 / GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

C 587 67 Updated Jan 2, 2025

bytewreck / DumpGuard

Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.

C 405 33 Updated Oct 27, 2025

j4nf4b3l / MDMPatcher-Universal

MDM patch *should* working on iOS 15+...

C 383 168 Updated Jun 13, 2023

OmriBaso / RToolZ

A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.

C 323 43 Updated Jan 31, 2023

ElJaviLuki / CobaltStrike_OpenBeacon

Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.

C 251 48 Updated Mar 13, 2024

maxDcb / DreamWalkers

Reflective shellcode loaderwith advanced call stack spoofing and .NET support.

C 219 43 Updated Sep 19, 2025

vari-sh / RedTeamGrimoire

🔥📜 Forbidden collection of Red Team sorcery 📜🔥

C 210 40 Updated Oct 3, 2025

loosehose / SilentButDeadly

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

C 196 24 Updated Nov 3, 2025

AlmondOffSec / DCOMRunAs

Lateral movement with DCOM DLL hijacking

C 167 23 Updated Jul 4, 2025

M1ndo / WerDump

A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass

C 161 19 Updated Sep 22, 2025

klezVirus / RAIWhateverTrigger

Local SYSTEM auth trigger for relaying - X

C 150 16 Updated Jul 23, 2025

Maldev-Academy / LsassHijackingViaReg

Injecting DLL into LSASS at boot

C 145 28 Updated Apr 29, 2025

0xJs / EnumEDRs

Enumerate active EDR's on the system

C 143 25 Updated Sep 23, 2025

decoder-it / ChgPass

C 135 15 Updated Feb 11, 2025

voidvxvt / HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

C 129 22 Updated Dec 22, 2024

R41N3RZUF477 / QuickAssist_UAC_Bypass

UAC Bypass using UIAccess program QuickAssist

C 128 16 Updated Feb 25, 2025

zarkones / BloodfangC2

Modern PIC implant for Windows (64 & 32 bit)

C 104 13 Updated Jul 23, 2025

Karkas66 / CelestialSpark

Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust

C 100 10 Updated Mar 27, 2025

captain-woof / malware-study

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

C 97 14 Updated Jun 16, 2025

Dor00tkit / BamExtensionTableHook

Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when attackers disable standard process notify callbacks.

C 91 14 Updated Jul 7, 2025

eurecom-s3 / lemon

eBPF Memory Dump Tool

C 90 11 Updated Aug 26, 2025

m417z / thread-call-stack-scanner

Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussions/15

C 78 4 Updated Jun 21, 2025

FFRI / ShadeBIOS

PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025

C 59 9 Updated Jul 16, 2025

woldann / NThread

Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hooks.

C 56 5 Updated Oct 10, 2025
Next