Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

TinyChatEngine: On-Device LLM Inference Library

Another Windows Local Privilege Escalation from Service Account to System

Termcolor is a header-only C++ library for printing colored messages to the terminal. Written just for fun with a help of the Force.

HTTP Botnet

A memory scanning evasion technique

Token Privilege Research

OTA updates made slick and simple for everyone! (ESP8266, ESP32, RP2040+W, RP2350+W)

Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)

UAC bypass for x64 Windows 7 - 11

Enumerate and disable common sources of telemetry used by AV/EDR.

Evasive shellcode loader for bypassing event-based injection detection (PoC)

免杀姿势学习、记录、复现。

📝 ⌨️ A GNU/Linux keylogger that works!

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

DLL scatter manual mapper

Adaptive DLL hijacking / dynamic export forwarding

Exploit allowing you to read registry hives as non-admin on Windows 10 and 11

Shoggoth: Asmjit Based Polymorphic Encryptor

Post-exploitation tool for hiding processes from monitoring applications

makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]

Lilith - Foundational reverse engineering resource for cybersecurity entrepreneurs in C++

Support ALL Windows Version

💉 DLL/Shellcode injection techniques

A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.

A C++11 RESTful web server library

A C++ based, lightweight music and noise remover for YouTube and other internet media, using DeepFilterNet for audio enhancement.