🔒 Obfuscate Python code to enhance security, making reverse engineering harder for better protection in educational and research projects.

GhostLNK is a professional-grade Windows LNK (shortcut) file generator with advanced stealth capabilities. It converts remote URLs (Dropbox, VPS, etc.) into PowerShell commands, encodes them in Base64, and embeds them into legitimate-looking LNK files that bypass modern AV detection.

Red Team C2 Framework - NT syscall-direct memory injection (bypasses all AV/EDR), dual Cloudflare tunnels (Tor-routed), Rust agent with ConPTY full PTY shell + BITS covert C2, Nim/C#/PowerShell agents, MSF integration via ntdll shellcode injection, local Ollama AI assistant

NGP - Native Gadget Programming

a modular offensive security framework designed for executing Unicode-based attacks, like those seen in the "GlassWorm" compromises

AV evading cross platform Backdoor and Crypter Framework with a integrated lightweight webUI

A compact Python utility to extract, deobfuscate, and repackage Meterpreter payloads to bypassing detection (e.g., Windows Defender).

𝔫𝔢𝔵𝔱-𝔤𝔢𝔫 𝔠𝔯𝔶𝔭𝔱𝔬 𝔩𝔬𝔠𝔨𝔢𝔯 - 𝔫𝔬𝔱 𝔣𝔬𝔯 𝔦𝔩𝔩𝔢𝔤𝔞𝔩 𝔭𝔲𝔯𝔭𝔬𝔰𝔢

A Python script obfuscation tool for code protection and security

Tool/Library for Python used to obfuscate and protect your code in static and runtime from decompilation, reverse debug, etc. Also, can prevent detection by antiviruses.

A Powershell reverse shell obfuscator and av bypasser.

A Python-based tool for studying and practicing Windows PE binary obfuscation techniques.

The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both the malicious and legitimate executables.

Hidden in plain sight! simple yet effective covert way to obfuscate data (e.g., shellcode), no one will tell gibberish from malicious!

eBPF evading C2

XMR Miner Malware

This package implements an advanced reverse shell console (supports: TCP, UDP, IRC, HTTP and DNS).

Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.