Stars
Execute shellcode from a remote-hosted bin file using WinHTTP.
Load and execute COFF files and Cobalt Strike BOFs in-memory
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
C or BOF file to extract WebKit master key to decrypt user cookie
Take a screenshot without injection for Cobalt Strike
Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
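Encrypt bytecode with JNI and decrypt it through JVMTI to protect code; supports custom package names and keys, and uses magic to stop hackers from dumping the bytecode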
Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
Cobalt Strike BOF that adds a user to a localgroup via SAMR
Simple BOF to read the protection level of a process
Bypass Event Tracing for Windows (ETW) and unhook ntdll.
The simple, fast, powerful SYN/TCP port scanner source code
Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver
The program uses Windows API functions to traverse directories and locate DLL files with an RWX section
Modified versions of the Cobalt Strike Process Injection Kit
A utility to fix intentionally corrupted UPX packed files.