Stars
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
load shellcode without P/D Invoke and VirtualProtect call.
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
Run the non-free VPN software EasyConnect and aTrust, developed by Sangfor, in docker or podman, and use it as a gateway and/or to provide socks5 and http proxy services
Privilege Escalation Enumeration Script for Windows
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
.NET assembly loader with patching AMSI and ETW bypass
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the …
A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases…
Cobalt Strike BOF for evasive .NET assembly execution
Hook system calls, context switches, page faults and more.
An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
Reverse Engineering: Decompiling Binary Code with Large Language Models
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
Find potential DLL Sideloads on your Windows computer
A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machines
Syscall Shellcode Loader (Work in Progress)
Coverage-based fuzzer for Python applications