KittyLoader is a highly evasive loader written in C / Assembly

MCP Server for IDA Pro.

A simple emulator for Windows designed for reverse engineering, testing binary files, and execution logging.

Pocket Flow Tutorial Project: Turns GitHub repo into Easy Tutorial with AI

Multilayered AV/EDR Evasion Framework

Advanced Malware Dropper & Evasion Toolkit for Authorized Red Teaming

Very good and stable Android RATs. They are easy to use and they are very stable

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

Demoting PPL anti-malware services to less than a guest user

A feature rich DLL injection library.

windows rootkit

SysWhispers Shellcode Loader (Work in Progress)

.NET, PE, & Raw Shellcode Packer/Loader Written in Nim

Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management.

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.

BlackLotus UEFI Windows Bootkit

Triple OS Malware development framework [ MacOS, Linux & Windows ]

利用物理内存映射，实现虚拟内存的伪隐藏

collection of apis used in malware development

A lightweight native DLL mapping library that supports mapping directly from memory

Nidhogg is an all-in-one simple to use rootkit for red teams.

UAC bypass for x64 Windows 7 - 11

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

Public variation of FOLIAGE ( original developer )

Botnet using a Go and Bootstrap Based C2, Support for Windows, Linux and Android Clients.

Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE

Public variation of Titan Loader