curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

Open source alternative to Auth0 / Firebase Auth

A lightweight data serialization & deserialization toolkit

Advanced VM detection library and tool

Gather and update all available and newest CVEs with their PoC.

A Rust library for parsing and writing MS Shell Links (shortcuts, *.lnk)

Perfect DLL Proxying using forwards with absolute paths.

Exploiting DLL Hijacking by DLL Proxying Super Easily

EDR Lab for Experimentation Purposes

Multilayered AV/EDR Evasion Framework

Efficient, lock-free, bounded Rust broadcast channel

This map lists the essential techniques to bypass anti-virus and EDR

Automatic Rust Obfuscator and Macro Library

Hardcore Debugging

A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative (currently x86 only)

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Collection of hypervisor detections

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

Windows tool for dumping malware PE files from memory back to disk for analysis.

rust wrappers for kernel mode synchronization primitives

Pure Rust PE Read/Write Library

🗑️ Chromium based password dumper for Windows

Cleans dependencies and build artifacts from your projects.

Ergonomic and modular web framework built with Tokio, Tower, and Hyper

Dear ImGui: Bloat-free Graphical User interface for C++ with minimal dependencies

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

An idiomatic Rust mutex type for Windows kernel driver development.