Open-Source Shellcode & PE Packer

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Windows tool for dumping malware PE files from memory back to disk for analysis.

Windows Event Log Killer

A tracing and troubleshooting tool for PHP scripts.

Interactive CTF Exploration Tool

Situational Awareness commands implemented using Beacon Object Files

Simple reverse ICMP shell

LSASS memory dumper using direct system calls and API unhooking.

My proof-of-concept exploits for the Linux kernel

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

Dump cookies and credentials directly from Chrome/Edge process memory

Windows NT Syscall tables

🚨 rdesktop is in need of a new maintainter. Please see the home page for more details. 🚨

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Qemu KVM(Kernel Virtual Machine)学习笔记

LoadLibrary for offensive operations

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With …

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

VMware Escape Exploit before VMware WorkStation 12.5.5

Minimalistic VT-x hypervisor with hooks

Dirty Pipe root exploit for Android (Pixel 6)

some vul

Tool for extracting information from newly spawned processes

A Pwn2Own exploit chain

TCP Port Redirection Utility

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…

Various Cobalt Strike BOFs

在Windows环境下的进程注入方法：远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入