Skip to content
View aels's full-sized avatar
💭
No business. Everyone will die.
💭
No business. Everyone will die.
174 followers · 345 following

Block or report aels

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

48 stars written in C
Clear filter

bol-van / zapret

DPI bypass multi platform

C 14,774 1,021 Updated Mar 12, 2026

FelixKratz / SketchyBar

A highly customizable macOS status bar replacement

C 11,429 151 Updated Feb 16, 2026

AFLplusplus / AFLplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

C 6,399 1,265 Updated Mar 22, 2026

FRRouting / frr

The FRRouting Protocol Suite

C 4,062 1,480 Updated Mar 27, 2026

gloxec / CrossC2

generate CobaltStrike's cross-platform payload

C 2,549 374 Updated Nov 20, 2023

Mr-Un1k0d3r / EDRs

C 2,173 361 Updated Feb 21, 2023

h3xduck / TripleCross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

C 1,952 241 Updated Apr 7, 2024

netero1010 / EDRSilencer

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

C 1,833 240 Updated Nov 3, 2024

Mr-Un1k0d3r / SCShell

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

C 1,614 258 Updated Jul 10, 2023

cathugger / mkp224o

vanity address generator for tor onion v3 (ed25519) hidden services

C 1,563 176 Updated Feb 15, 2024

xaitax / Chrome-App-Bound-Encryption-Decryption

Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-…

C 1,485 249 Updated Feb 9, 2026

WKL-Sec / HiddenDesktop

HVNC for Cobalt Strike

C 1,309 199 Updated Dec 7, 2023

ly4k / PwnKit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

C 1,294 205 Updated Jun 21, 2022

vanhauser-thc / thc-ipv6

IPv6 attack toolkit

C 1,163 226 Updated Sep 14, 2025

ryancdotorg / brainflayer

A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key algorithms.

C 995 493 Updated May 16, 2024

andybarry / flight

Flight code for MIT CSAIL Robot Locomotion Group flying-through-forests project

C 984 263 Updated Feb 18, 2017

MzHmO / Exploit-Street

Complete list of LPE exploits for Windows (starting from 2023)

C 917 129 Updated Mar 13, 2026

polygraphene / DirtyPipe-Android

Dirty Pipe root exploit for Android (Pixel 6)

C 851 140 Updated Jun 16, 2022

carloslack / KoviD

Red-Team LKM

C 636 87 Updated Dec 16, 2025

basil00 / Tallow

Tallow - Transparent Tor for Windows

C 559 120 Updated Sep 11, 2021

Maldev-Academy / DumpChromeSecrets

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

C 557 78 Updated Jan 8, 2026

b1n4r1b01 / n-days

C 526 73 Updated Sep 28, 2025

chompie1337 / Windows_LPE_AFD_CVE-2023-21768

LPE exploit for CVE-2023-21768

C 506 169 Updated Jul 10, 2023

loosehose / SilentButDeadly

SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…

C 444 66 Updated Nov 3, 2025

Bonfee / CVE-2022-25636

CVE-2022-25636

C 437 83 Updated Mar 7, 2022

MatheuZSecurity / RingReaper

Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.

C 371 57 Updated Aug 29, 2025

farazsth98 / chronomaly

Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable x86_64 Linux kernels v5.10.x.

C 282 43 Updated Jan 5, 2026

Maldev-Academy / MaldevAcademyLdr.2

RunPE implementation with multiple evasive techniques (2)

C 278 37 Updated Sep 25, 2025

0xJs / BlockEDRTraffic

Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows Filtering Platform (WFP).

C 264 35 Updated Sep 23, 2025

0xNinjaCyclone / hellMaker

Generate FUD backdoors

C 263 56 Updated Mar 17, 2023
Next