TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…

LLM powered fuzzing via OSS-Fuzz.

A cross platform C2/post-exploitation framework.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

Greybox Synthesizer geared for deobfuscation of assembly instructions.

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code

MODeflattener deobfuscates control flow flattened functions obfuscated by OLLVM using Miasm.

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.

Pack up to 3MB of data into a tweetable PNG polyglot file.

Binary Ninja plugin to identify obfuscated code and other interesting code constructs

This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than currently available tools.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Identify and remove opaque predicates and range dividers with miasm and radare2

SymCC: efficient compiler-based symbolic execution

A booklet on machine learning systems design with exercises. NOT the repo for the book "Designing Machine Learning Systems", which is `dmls-book`

Microsoft Threat Intelligence Security Tools

Open source pre-operation C2 server based on python and powershell

POC for cve-2019-1458

Code and exercises for a workshop on z3 and angr

Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

🍺🐙 ZetZ a zymbolic verifier and tranzpiler to bare metal C

List of real-world threats against endpoint protection software

Adversary Tactics - PowerShell Training