VMPilot: A Modern C++ Virtual Machine SDK

Analyse your malware to surgically obfuscate it

This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.

BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

Python library for reading and writing Windows shortcut files (.lnk). Python 3 only.

HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.

UI tool for fine-tuning and testing your own LoRA models with LLaMA. One-click run on Google Colab.

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

Bypassing PatchGuard on modern x64 systems

Code examples in pyTorch and Tensorflow for CS230

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022

A new AMSI Bypass technique using .NET ALI Call Hooking.

Stop Windows Defender programmatically

It's pointy and it hurts!

火绒剑独立版

Resources and demos from the DEFCON 30 Brief "Space Jam: Exploring Radio Frequency Attacks in Outer Space" by James Pavur