Control WS2812B and many more types of digital RGB LEDs with an ESP32 over WiFi!

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

An even funnier way to disable windows defender. (through WSC api)

Converts PE into a shellcode

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Collection of various malicious functionality to aid in malware development

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

Alternative Shellcode Execution Via Callbacks

Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.

EDR Lab for Experimentation Purposes

Process Hollowing (Malware Technique)

Hide your Powershell script in plain sight. Bypass all Powershell security features

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

Convert Inkscape SVG drawings to KiCad PCB and footprint modules

Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented…

This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

This repo contains C/C++ snippets that can be handy in specific offensive scenarios.

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

Lifetime AMSI bypass

WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API

NTLM relaying for Windows made easy

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…