Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Horizen

Detector for Log4Shell exploitation attempts

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell

A practical example on how to perform sandwich attacks on Ethereum

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

log4j rce test environment and poc

An agent to hotpatch the log4j RCE from CVE-2021-44228.

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

A vulnerability scanner for container images and filesystems

Using Driver Global Injection dll, it can hide DLL modules

Demos of various injection techniques found in malware

Dynamic unpacker based on PE-sieve

Fast HTTP package for Go. Tuned for high performance. Zero memory allocations in hot paths. Up to 10x faster than net/http

Library to load a DLL from memory.

Tool to search secrets in various filetypes.

Passive DNS Capture and Monitoring Toolkit

Original C Implementation of the Hell's Gate VX Technique

Fetch many paths for many hosts - without killing the hosts

🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engineering.（使用C和Intel x86汇编开发的Windows x86可执行文件打包工具，打包后的新文件可以阻碍逆向工程。）

Windows kernel hacking framework, driver template, hypervisor and API written on C++

A basic Windows DLL injector in C using CreateRemoteThread and LoadLibrary. Implemented for educational purposes.

A Powerful Subdomain Takeover Tool

Hide Process From Task Manager using Usermode API Hooking

Converts PE into a shellcode

Windows NT Syscall tables