Lists (1)
Stars
Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool
VTIL2 is a ground-up reimagination of the VTIL Project, completely rewritten in modern C# with enterprise-grade architecture, performance optimizations, and developer experience enhancements. While…
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…
Adversary simulation and Red teaming platform with AI
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A modern 32/64-bit position independent implant template
The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
Single-header, minimalistic, cross-platform hook library written in pure C
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Transforms a .NET binary into a chain of meaningless-looking await expressions.
openpilot is an operating system for robotics. Currently, it upgrades the driver assistance system on 300+ supported cars.
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode