Portable Executable reversing tool with a friendly GUI

An even funnier way to disable windows defender. (through WSC api)

An open-source windows defender manager. Now you can disable windows defender permanently.

EDR Lab for Experimentation Purposes

Collect Windows telemetry for Maldev

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

A PoC implementation for dynamically masking call stacks with timers.

A Beacon Object File (BOF) template for Visual Studio

Port of Cobalt Strike's Process Inject Kit

An example reference design for a proposed BOF PE

BOF with Synthetic Stackframe

A simple Sleepmask BOF example

Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames

Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintain stealth and robust OPSEC.

Proof-of-concept implementation of AI-enabled postex DLLs

A simple C++ Windows tool to get information about processes exposing named pipes.

The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23

Beacon Object File (BOF) to retrieve and decrypt the the LAPSv2 password from the Windows Active Directory and Microsoft Azure/Entra Active Directory.

Cobalt Strike BOF to fetch tokens from Token Broker cache