Starred repositories
Proof of concept to show that Edge stores credentials in cleartext
This repository contains the scanner component for Greenbone Community Edition.
Platform for emulation and dynamic analysis of Linux-based firmware
Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Exploitation Framework for Embedded Devices
Webcam vulnerability scanning tool
Helps red team members generate antivirus-evading trojans with one click, implemented in Rust
Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-…
Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …
CVE-2020-17103 was apparently not patched or the patch was reversed; regardless, this is the PoC for an LPE in cldflt.sys
Blocking Windows EDR agents by registering its own IPC object in the Object Manager's namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671)
GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
A BloodHound OpenGraph collector that models Windows local privilege escalation as interconnected attack paths.
Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local privilege escalation via WER service.
Havoc C2 BOF — WFP kernel-space SYSTEM escalation + command execution with indirect syscalls, patchless AMSI/ETW bypass, and return address spoofing
A PowerShell Module Dedicated to Reverse Engineering
PowerSploit - A PowerShell Post-Exploitation Framework
Extract Windows Defender database from vdm files and unpack it
Another meterpreter injection technique using C# that attempts to bypass Defender
A free but powerful Windows kernel research tool.
Porting Windows Dynamic Link Libraries to Linux
A slightly more fun way to disable Windows Defender + Firewall (through the WSC API).