This repo covers some code execution and AV Evasion methods for Macros in Office documents

One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

To fix the Docker and UFW security flaw without disabling iptables

The single instruction C compiler

The x86 processor fuzzer

Hardware backdoors in some x86 CPUs

Active Directory ACL exploitation with BloodHound

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Hide your payload in DNS

A starttls-capable transparent man-in-the-middle proxy

unofficial windows build of socat http://www.dest-unreach.org/socat/

Template-Driven AV/EDR Evasion Framework

Fast subdomains enumeration tool for penetration testers

Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components

Defeating Windows User Account Control

Small and highly portable detection tests based on MITRE's ATT&CK.

OSWE, OSEP, OSED, OSEE

The most advanced open-source browser fingerprinting library

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Automatically exported from code.google.com/p/narly

IDA related stuff

Make JSON greppable!

Collection of Windows usermode exploits targeting various third-party software applications, these exploits were written in preparation for the Offsec CTP/OSCE certification

.NET debugger and assembly editor

.NET deobfuscator and unpacker.

Have fun with the LowFragmentationHeap

For Linux binary Exploitation

🤪 A list of funny and tricky JavaScript examples