Skip to content
View xkroot's full-sized avatar
51 followers · 763 following

Achievements

Achievement: Starstruck

Achievements

Achievement: Starstruck

Block or report xkroot

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

pjt3591oo / bpfdoor

C 14 4 Updated May 1, 2025

EricEsquivel / Inline-EA

Cobalt Strike BOF for evasive .NET assembly execution

C 320 37 Updated Mar 31, 2025

EricEsquivel / CobaltStrike-Linux-Beacon

Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons

C 211 40 Updated Feb 11, 2026

0xROOTPLS / Fritter

Fritter is a heavily modified fork of TheWover and Odzhan's Donut shellcode generator.

C 232 35 Updated Jun 11, 2026

Otsmane-Ahmed / KEIP

Kernel-Enforced Install-Time Policies (KEIP): An eBPF/LSM based security tool that detects and blocks malicious network activity during pip install.Kernel-Enforced Install-Time Policies (KEIP): An …

Python 53 6 Updated Jun 1, 2026

MaorSabag / Adaptix-StealthPalace

Forked from h41th/Simple-Crystal-Palace-RDLL-template-for-Adaptix

Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration

C++ 139 15 Updated Jun 5, 2026

yarrick / iodine

Official git repo for iodine dns tunnel

C 7,907 596 Updated Sep 4, 2025

rapid7 / mettle

This is an implementation of a native-code Meterpreter, designed for portability, embeddability, and low resource utilization.

C 473 134 Updated May 11, 2026

keowu / Ryujin

Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool

C++ 338 49 Updated Nov 20, 2025

EgeBalci / deoptimizer

Evasion by machine code de-optimization.

Rust 427 31 Updated Jul 22, 2024

kyxiaxiang / MiaoMeow

Simple Linux Rat ?

C++ 20 4 Updated Dec 21, 2025

CheckPointSW / VectoredOverloading

C++ 125 20 Updated Dec 11, 2025

CCob / goreflect

Reflective DLL loading of your favorite Golang program

C 174 20 Updated Jan 27, 2020

praetorian-inc / PortBender

TCP Port Redirection Utility

C 782 120 Updated Jan 31, 2023

trustedsec / trevorc2

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

C 1,330 281 Updated Jan 31, 2022

Cobalt-Strike / icmp-udc2

UDC2 implementation that provides an ICMP C2 channel

Python 123 17 Updated Nov 24, 2025

NtDallas / BOF_RunPe

BOF to run PE in Cobalt Strike Beacon without console creation

C++ 198 24 Updated Nov 23, 2025

entropy-z / Kharon

Agent for AdaptixC2 with focus in evasion, capability and malleable.

C 214 51 Updated Apr 26, 2026

ac3ss0r / obfusheader.h

Obfusheader.h is a portable header file for C++14 compile-time obfuscation.

C++ 1,010 120 Updated Aug 19, 2024

trustedsec / specula

Python 236 24 Updated Jun 10, 2025

AlmondOffSec / LibTPLoadLib

Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared library. Format inspired by @rasta-mouse's LibTP.

C 88 6 Updated Nov 6, 2025

KittenBusters / CharmingKitten

Exposing CharmingKitten's malicious activity for IRGC-IO Counterintelligence division (1500)

C# 431 102 Updated Oct 27, 2025

MrAle98 / Sliver-CPPImplant2

Sliver agent rewritten in C++

C++ 49 8 Updated Sep 4, 2024

S3N4T0R-0X0 / PixelCode-Attack

Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and storing them inside images or videos. A lightweight loader …

C++ 172 37 Updated Feb 2, 2026

AxtMueller / Windows-Kernel-Explorer

A free but powerful Windows kernel research tool.

2,694 579 Updated Dec 14, 2025

ReversecLabs / Ninjasploit

A meterpreter extension for applying hooks to avoid windows defender memory scans

C 249 41 Updated Aug 13, 2020

Octoberfest7 / Inline-Execute-PE

Execute unmanaged Windows executables in CobaltStrike Beacons

C 723 104 Updated Mar 4, 2023

ex0dus-0x / fuzzable

Framework for Automating Fuzzable Target Discovery with Static Analysis.

Python 550 59 Updated Jun 11, 2026

sakkis91 / SandboxPPL

Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.

Go 14 3 Updated May 28, 2025

chokepoint / azazel

Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-dete…

C 806 182 Updated Mar 7, 2024
Next