Lightweight server monitoring with historical data, docker stats, and alerts.

Awesome EDR Bypass Resources For Ethical Hacking

Elastic Security detection content for Endpoint

A Reflective Loader for macOS

Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover

Arsenal of modules to beacon postex

A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.

Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, and reverting back memory protections and original memory state

KQL Queries. Microsoft Defender, Microsoft Sentinel

A collection of various and sundry code snippets that leverage .NET dynamic tradecraft

Centralized resource for listing and organizing known injection techniques and POCs

A centralized resource for previously documented WDAC bypass techniques

Self-mutating macOS implant

A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass

game of active directory

SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.

A configuration framework that enhances Claude Code with specialized commands, cognitive personas, and development methodologies.

Lateral movement with DCOM DLL hijacking

Evasion kit for Cobalt Strike

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities.

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

An open-source, free protector for .NET applications

The Witchcraft Compiler Collection

Open-source file hosting solution based on CloudFlare (Image hosting/File storage/Cloud drive) / 基于 CloudFlare 的开源文件托管解决方案（图床/文件床/网盘）

ebpf-go is a pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths

A tool for automatic patch shellcode into binary file to bypass AV. / 一个自动patch shellcode到二进制文件的工具

Nimbo-C2 is yet another (simple and lightweight) C2 framework