Lists (11)
Stars
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
A PowerShell console in C/C++ with all the security features disabled
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
StoneKeeper C2, an experimental EDR evasion framework for research purposes
A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…
Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具
Obfuscator for .NET and Mono, with a customizable engine for building your own obfuscators.
A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.
A collaborative, multi-platform, red teaming framework
A lightweight, secure, easy-to-use crypto library suitable for constrained environments.
Elastic Security detection content for Endpoint
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.
Organized bookmarks to Win32API posts of Raymond Chen's blog "The Old New Thing".
An open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor
A generic cross-platform C library that includes many commonly used components and frameworks, and a new scripting language interpreter. It currently supports C99 and Aspect-Oriented Programming (…