Lists (13)
Starred repositories
DCOM in memory and fileless lateral movement techniques through .Net deserilization
Alternate ways to create process through COM via IDispatch interface.
This project leverages the legitimate "Netsh Helper DLL" functionality in Windows to execute malicious code (shellcode) within the context of the trusted netsh.exe process. Ideal for evasion and la…
RoguePlanet Windows Defender Vulnerability
AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs
A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.
使用skill让 AI Agent 像安全分析师一样分析恶意样本 | AI Agent skill for automated malware analysis using IDA Pro
PoC for covert persistence via Windows Push Task Scheduler (WPTaskScheduler) RPC interface — invisible to schtasks, Get-ScheduledTask, and all standard enumeration tools. 利用 Windows Push Task Sched…
Busybox-style Beacon Object Files for *nix post-exploitation. Reimplements common Unix utilities as BOFs for use in stripped environments (Docker containers, Kubernetes pods, minimal VMs) where no …
AutoStart is a Windows persistence proof-of-concept that demonstrates how a program can survive reboots and logoffs using only legitimate, documented Win32 APIs.
Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub …
Simple virtual machine for a stack-based assembler language written in C#.
A simple stack-based Virtual Machine in C#
🔮⚡️Vein is an open source high-level strictly-typed programming language with a standalone OS, arm and quantum computing support.
simple compiler based on mingw to build uncrackable windows application against analysis tools
Make WinForms Great Again !!! A wallbreaker from WinForm.NET to Blazor WASM with less than 10% C# source code modify. even it use GDI+.
Z00bfuscator is the simple, open-source, cross-platform obfuscator for .NET Assemblies built on .NET Core
A modern and open source .NET obfuscation engine for everyone.
Multi-architecture Linux privilege escalation toolkit with 19 pre-built and runtime-compilable exploits. Auto-detects kernel version, filters patched exploits, tries each until root.
out-of-tree LLVM 21+ pass plugin for policy-driven IR obfuscation.
e-fin / OpenPsPipeJack
Forked from PowerShell/PowerShellOpen Source implementation of PsPipeJack
lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.