Unbound is a validating, recursive, and caching DNS resolver.

Simple (relatively) things allowing you to dig a bit deeper than usual.

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

A modern 32/64-bit position independent implant template

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

A collection of my Semgrep rules to facilitate vulnerability research.

A small x64 library to load dll's into memory.

Encrypted shellcode Injection to avoid Kernel triggered memory scans

Evasion kit for Cobalt Strike

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.