Starred repositories
A pure-Python library that lets you inspect, modify and search the memory of any running process in a few lines of Python 🐍.
Async BOF that monitors USB device connect/disconnect events, reports device information and performs actions on connected USB storage volumes.
A repository of LIVE malware samples for your own joy and pleasure. theZoo is a project created to make malware analysis open and available to the public.
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Bypass AMSI by patching AmsiScanBuffer
Fermion, an electron wrapper for Frida & Monaco.
A pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files
Code canaries to quickly triage hallucinated ('slop') vulnerability reports
Reimplementing Havoc Pro Runtime Channel Switching and Cobalt Strike UDC2 features.
A PoC that packages payloads into output containers to evade the Mark-of-the-Web flag and demonstrate the risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Open-source, low-cost 10.5 GHz PLFM phased array RADAR system
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.
Cobalt-Strike / ElevateKit
Forked from rsmudge/ElevateKit
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
PowerTools is a collection of PowerShell projects with a focus on offensive operations.
AdaptixC2 is a highly modular, advanced red team toolkit
Situational Awareness commands implemented using Beacon Object Files
rasta-mouse / ThreatCheck
Forked from matterpreter/DefenderCheck
Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
React component for 2D, 3D, VR and AR force directed graphs
A collection of tips & tricks on how to escape a kiosk mode environment
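The Rich Header metadata hash entry above is the one item in this list that can be illustrated with a short, offline-runnable sketch. The block below is an added example, not code from that starred project: it decodes the Rich block that the MSVC linker leaves between the DOS stub and the PE header (the `DanS` marker and `(comp.id, count)` pairs XORed with a key, followed by a clear-text `Rich` marker and the key) and hashes only the decoded toolchain tuples, so two builds that carry the same linker fingerprint under different keys or DOS stubs hash the same. The hash construction (SHA-256 over packed `(prodid, build, count)` tuples) and the sample blobs are assumptions made for the example; a real tool would read the bytes from a PE file and usually also verifies the key against the DOS header checksum, which is omitted here.

```python
import hashlib
import struct

# "DanS" as a little-endian dword; the Rich block starts with this marker XORed by the key.
DANS_MAGIC = 0x536E6144
RICH_MAGIC = b"Rich"


def build_rich_header(key, entries):
    """Encode (prodid, build, count) tuples into a Rich header blob.

    Only used here to fabricate sample input (constructed data); a real tool
    would read the bytes straight out of a PE file's DOS stub.
    """
    dwords = [DANS_MAGIC ^ key, key, key, key]  # DanS marker plus three zero pads, all XORed
    for prodid, build, count in entries:
        comp_id = (prodid << 16) | build
        dwords.append(comp_id ^ key)
        dwords.append(count ^ key)
    body = struct.pack("<%dI" % len(dwords), *dwords)
    return body + RICH_MAGIC + struct.pack("<I", key)


def parse_rich_header(data):
    """Return (key, [(prodid, build, count), ...]) or None if no Rich header is found.

    The 'Rich' marker and the key after it are stored in clear, so locate those
    first, then walk backward one dword at a time until the XOR-decoded value is
    the 'DanS' marker.
    """
    rich_off = data.find(RICH_MAGIC)
    if rich_off < 0 or rich_off + 8 > len(data):
        return None
    key = struct.unpack_from("<I", data, rich_off + 4)[0]

    dans_off = None
    off = rich_off - 4
    while off >= 0:
        if struct.unpack_from("<I", data, off)[0] ^ key == DANS_MAGIC:
            dans_off = off
            break
        off -= 4
    if dans_off is None:
        return None

    # Skip DanS plus three padding dwords; what remains up to 'Rich' is (comp.id, count) pairs.
    body = data[dans_off + 16:rich_off]
    if len(body) % 8 != 0:
        return None
    entries = []
    for i in range(0, len(body), 8):
        comp_id, count = struct.unpack_from("<II", body, i)
        comp_id ^= key
        count ^= key
        entries.append((comp_id >> 16, comp_id & 0xFFFF, count))
    return key, entries


def rich_hash(entries):
    """SHA-256 over the decoded (prodid, build, count) tuples, deliberately ignoring the key.

    Hash construction is an assumption for this example, not the project's scheme.
    """
    h = hashlib.sha256()
    for prodid, build, count in entries:
        h.update(struct.pack("<HHI", prodid, build, count))
    return h.hexdigest()


# Constructed sample: the same toolchain fingerprint embedded with two different keys
# and two different DOS stubs, as a re-link or a stub rewrite might leave it.
SAMPLE_ENTRIES = [(0x00F3, 0x5D8C, 9), (0x0101, 0x5D8C, 3), (0x0001, 0x0000, 132)]
STUB_A = b"MZ" + b"\x00" * 62 + b"This program cannot be run in DOS mode.\r\n$\x00"
STUB_B = b"MZ" + b"\x00" * 62 + b"\x00" * 16
SAMPLE_A = STUB_A + build_rich_header(0x8C5A1D33, SAMPLE_ENTRIES)
SAMPLE_B = STUB_B + build_rich_header(0x1234ABCD, SAMPLE_ENTRIES)


def hash_sample(data):
    """Convenience wrapper: parse a blob and return its Rich hash, or None if absent."""
    parsed = parse_rich_header(data)
    return None if parsed is None else rich_hash(parsed[1])


if __name__ == "__main__":
    for name, blob in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        key, entries = parse_rich_header(blob)
        print(name, hex(key), entries, rich_hash(entries))
```

Because the hash ignores the key and the surrounding stub, it survives changes a packer or re-linker makes around the Rich block, which is the "robustness" the entry refers to; the caveat is that the Rich block itself is unauthenticated and can be copied from another binary or stripped, so treat the hash as a triage pivot for clustering, not as proof of provenance.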