🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

SQL powered operating system instrumentation, monitoring, and analytics.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a rang…

A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32

Tiny data-over-sound library

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Cyberpunk 2077 tweaks, hacks and scripting framework

cherrytree

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

Obfuscation library based on C++20 and metaprogramming

Extracting Clear Text Passwords from mstsc.exe using API Hooking.

EDR Lab for Experimentation Purposes

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

Exploit allowing you to read registry hives as non-admin on Windows 10 and 11

ProxiFyre: A Windows SOCKS5 proxifier leveraging NDISAPI to transparently route TCP and UDP traffic on a per-app basis.

A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based in…

CVE-2020-15368, aka "How to exploit a vulnerable driver"

Tools for interacting with authentication packages using their individual message protocols

HTran is a connection bouncer, a kind of proxy server. A “listener” program is hacked stealthily onto an unsuspecting host anywhere on the Internet. When it receives signals from the actual target…

Load a dynamic library from memory by modifying the native Windows loader

The Hunter Cat NFC is the latest security tool for contactless (Near Field Communication) used in access control, identification and bank cards. Specially created to identify NFC readers and sniffi…

StoneKeeper C2, an experimental EDR evasion framework for research purposes

Example DLL to load from Windows NetShell

XOR decrypting shellcode using the GPU with OpenCL.

A PoC project for embedding shellcode to Hint/Name Table