LotL RMM

Living Off The Land Drivers

Random source codes

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom Java…

Proof-of-Concept files for vulnerabilities found by Codean Labs

Chrome V8 n-day exploits that I've written.

Sample PowerShell module and scripts for managing Azure AD Identity Protection service

Opensource assets and vulnerability scanning tool

Toolkit to weaponize Chromium vulnerabilities into reliable, cross-platform, full-chain exploits

CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)

A crappy LSASS dumper with no ASCII art

Exploitation of echo_driver.sys

iOS Crash Dump Analysis Book

Slide decks from my conference presentations

Publishing advisories for CVEs found by POST Cyberforce

Bypassing AppLocker with C#

No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/

An effort to track security vendors' use of Microsoft's Antimalware Scan Interface

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

Exploits for Android Binder bug CVE-2020-0041

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A sort of simple shell which support multiple protocols.

Adversary Tactics - PowerShell Training