🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

PlayStation 3 emulator and debugger

Record and Replay Framework

Google SafetyNet attestation workarounds for Magisk

Open source SDR 4G software suite from Software Radio Systems (SRS) https://docs.srsran.com/projects/4g

Hex-Rays Decompiler plugin for better code navigation

A Pin Tool for tracing API calls etc

DRAKVUF Black-box Binary Analysis

Injects frida gadget using zygisk to bypass anti-tamper checks.

Evasive shellcode loader for bypassing event-based injection detection (PoC)

Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented…

Lifetime AMSI bypass

A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.

Credential Guard Bypass Via Patching Wdigest Memory

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (…

Collection of random RedTeam scripts.

Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) passed into AMSI during dynamic execution.

DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.

The code I write in my blog

Identify JTAG ports using your favorite Arduino.

CVE-2021-1732 poc & exp; tested on 20H2

Identify Serial Wire Debug (SWD) clock and io lines using your favorite Arduino.

Modifications to Apple's dsc_extractor to fix ObjC selector names. You don't need this.

A stateful fuzzing engine.