A Compiler Writing Journey

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Fast and lightweight x86/x86-64 disassembler and code generation library

A hacker's userspace TCP/IP stack

A post exploitation framework designed to operate covertly on heavily monitored environments

A tiny neural network library

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

A modern 32/64-bit position independent implant template

LoadLibrary for offensive operations

BitTorrent DHT library

PIC lsass dumper using cloned handles

This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.

Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (AC…

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting…

Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!

A shellcode function to encrypt a running process image when sleeping.

NINA: No Injection, No Allocation x64 Process Injection Technique

Load and execute COFF files and Cobalt Strike BOFs in-memory

BitTorrent DHT bootstrap node