Stars
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Dump cookies and credentials directly from Chrome/Edge process memory
Qtap: An eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating processes.
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
Research code & papers from members of vx-underground.
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
Snoopy Command Logger is a small library that logs all program executions on your Linux/BSD system.
This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
Exercises to learn how to fuzz with American Fuzzy Lop
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With …
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
Vulnerable server used for learning software exploitation
Turn off PatchGuard in real time for win7 (7600) ~ later
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.