🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Free and Open Source Reverse Engineering Platform powered by rizin

Easy to use open source fast database for search | Good alternative to Elasticsearch now | Drop-in replacement for E in the ELK stack

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

The Librum client application

Reverse Engineers' Hex Editor

Obfuscation library based on C++20 and metaprogramming

An Active Defense and EDR software to empower Blue Teams

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

NTLM relaying for Windows made easy

From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller

Penetration testing utility and antivirus assessment tool.

ATrace is a tool for tracing execution of binaries on Windows.

Windows Live Artifacts Acquisition Script

Comprehensive Windows Syscall Extraction & Analysis Framework

Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell process is created, the implant will be executed too.