Stars
An AI-powered extension for Ghidra that enhances analysis.
Playing around with Thread Context Hijacking. Building more evasive primitives to use as an alternative to existing process injection techniques.
Public repository of the QuickJS JavaScript Engine.
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
Centralized resource for listing and organizing known injection techniques and POCs
Create adversarial attacks against machine learning Windows malware detectors
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/
x64/x86 Hooking through VectoredExceptionHandler (PAGE_GUARD method)
DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness (ICLR 2024)
HookChain: A new perspective for Bypassing EDR Solutions
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
pefile is a Python module to read and work with PE (Portable Executable) files
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Brand New Code Injection for Windows
A repository of sysmon configuration modules
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Zulip server and web application. Open-source team chat that helps teams stay productive and focused.
CasaOS - A simple, easy-to-use, elegant open-source Personal Cloud system.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)