The fastest path to AI-powered full stack observability, even for lean teams.

A tiling window manager for macOS based on binary space partitioning

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

A little tool to play with Windows security

build-once run-anywhere c library

Small and highly portable detection tests based on MITRE's ATT&CK.

A highly customizable macOS status bar replacement

A repository for learning various heap exploitation techniques.

Official git repo for iodine dns tunnel

tiniest x86-64-linux emulator

A native, user-mode, multi-process, graphical debugger.

Course materials for Modern Binary Exploitation by RPISEC

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

A command-line based markdown presentation tool.

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

State-of-the-art native debugging tools

Transparently tunnel your IP traffic through ICMP echo and reply packets.

WinDivert: Windows Packet Divert

Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials

A post exploitation framework designed to operate covertly on heavily monitored environments

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

The swiss army knife of LSASS dumping

Open-Source Shellcode & PE Packer

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

SSH man-in-the-middle tool