Lists (12)
🧠 AD & Windows Domain Attacks
AD enumeration, abuse, escalation
🤖 AI & LLM-Driven Security
AI-powered offensive, red teaming, or security analysis
🛡️ Blue Team
🔐 Cred Attacks & Brute Force
🧪 Fuzzing & Vuln Research
📦 General Tooling & Infra
🧾 Knowledge
🧬 Malware Development & Evasion
Packers, loaders, AMSI bypass, EDR evasion
Stars
DCOM in-memory and fileless lateral movement techniques through .NET deserialization
RoguePlanet Windows Defender Vulnerability
Hooking tool for libart.so and libdl.so, enabling instrumentation of both DEX and native code on Android.
Deobfuscate obfuscator.io, unminify and unpack bundled javascript
A Python framework for self-hosted LLM tool-calling and multi-step agentic workflows
Repository for information about 0-days exploited in-the-wild.
Windows C/C++ development environment on Linux
Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream.
Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.
A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
A simple SWE style browser agent framework that achieves SOTA results on long horizon web tasks.
A powerful and user-friendly binary analysis platform!
A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise ide…
A curated list of awesome Claude Skills, resources, and tools for customizing Claude AI workflows
Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provi…
Another BYOVD process killer. Works on all EDRs. Fully signed.
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
The Monorepo Platform that amplifies both developers and AI agents. Nx optimizes your builds, scales your CI, and fixes failed PRs automatically. Ship in half the time.
BSides Prishtina 2024 Malware Development and Persistence workshop
Public talks, workshops and research presentations from BlackArrow
Vulnerability research assistant that extracts pseudocode from the IDA Hex-Rays decompiler.
Black-box web penetration testing automation framework for AI Agents
claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…
Skills for Real Engineers. Straight from my .claude directory.
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
User-mode code and its rootkit that will kill EDR processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registration and ZwTerminateProcess.