Skip to content
View freefirex's full-sized avatar
136 followers · 4 following

Achievements

Achievement: Pull Sharkx2

Achievements

Achievement: Pull Sharkx2

Block or report freefirex

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

trustedsec / Titanis

Windows protocol library, including SMB and RPC implementations, among others.

C# 593 67 Updated Nov 3, 2025

MEhrn00 / boflink

Linker for Beacon Object Files

Rust 140 13 Updated Dec 22, 2025

x86matthew / WinVisor

WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API

C++ 623 45 Updated Jan 23, 2025

rotarydrone / GlobalUnProtect

Decrypt GlobalProtect configuration and cookie files.

C# 158 19 Updated Sep 10, 2024

EvanMcBroom / lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

C++ 361 32 Updated Dec 1, 2025

SafeBreach-Labs / PoolParty

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

C++ 1,224 167 Updated Dec 11, 2023

netero1010 / GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

C 594 67 Updated Jan 2, 2025

EvanMcBroom / w32t-client

An example MS-W32T client to show how to use midl.exe in a project managed by CMake

C++ 11 2 Updated Feb 25, 2023

EvanMcBroom / perfect-loader

Load a dynamic library from memory by modifying the native Windows loader

C++ 243 43 Updated Jun 18, 2025

Cracked5pider / Stardust

A modern 32/64-bit position independent implant template

C 1,271 208 Updated Mar 21, 2025

WKL-Sec / HiddenDesktop

HVNC for Cobalt Strike

C 1,294 199 Updated Dec 7, 2023

mlcsec / ASRenum-BOF

Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations

C++ 160 19 Updated Mar 1, 2024

HavocFramework / Havoc

The Havoc Framework

Go 8,021 1,147 Updated Dec 18, 2025

pathtofile / Sealighter

Sysmon-Like research tool for ETW

C++ 379 44 Updated Nov 15, 2022

CabbageDevelopment / qasync

Python library for using asyncio in Qt-based applications.

Python 387 54 Updated Nov 24, 2025

EspressoCake / Self_Deletion_BOF

BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs

C 188 23 Updated Oct 3, 2021

outflanknl / C2-Tool-Collection

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

C 1,347 214 Updated Oct 27, 2023

gtworek / PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

C 3,425 553 Updated Oct 20, 2025

doulos0 / trustedart

9 Updated Sep 12, 2022

trustedsec / CS-Situational-Awareness-BOF

Situational Awareness commands implemented using Beacon Object Files

C 1,654 271 Updated Nov 24, 2025

boku7 / spawn

Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (AC…

C 470 73 Updated Mar 8, 2023

kacos2000 / WindowsTimeline

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

PowerShell 195 22 Updated Feb 16, 2023

itm4n / PPLdump

Dump the memory of a PPL with a userland exploit

C 885 142 Updated Jul 24, 2022

commial / experiments

Expriments

Python 476 81 Updated Oct 3, 2024

adamadair / NCmd

Provides a simple framework for writing line-oriented command interpreters in C#. Inspired by the Python cmd library.

C# 5 1 Updated Mar 1, 2018

LloydLabs / delete-self-poc

A way to delete a locked file, or current running executable, on disk.

C 612 101 Updated Nov 5, 2025

trustedsec / COFFLoader

C 603 86 Updated Jul 21, 2025

med0x2e / ExecuteAssembly

Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…

C++ 592 114 Updated Jul 26, 2021

threatexpress / malleable-c2

Cobalt Strike Malleable C2 Design and Reference Guide

1,741 304 Updated Dec 13, 2023

j00ru / windows-syscalls

Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)

HTML 2,473 353 Updated Apr 27, 2025
Next