LazyOwn RedTeam/APT Framework is the first RedTeam Framework with an AI-powered C&C, featuring rootkits to conceal campaigns, undetectable malleable implants compatible with Windows/Linux/Mac OSX, …

TeleTracker is a simple set of Python scripts designed for anyone investigating Telegram channels. It helps you send messages quickly and gather useful channel information easily.

List dll resources

Obsidian setup for OSCP Exam & Labs

Enumerating EDR WhiteListed Processes

Detect and Delete Security Products

Local Thread Cleaner allows us to clean specific or all the stack entries of a thread in our current process.

Call Stack Spoofer, a Windows-based tool that allows modifying the call stack of a suspended thread. It takes a list of memory addresses as arguments and writes them into the stack

Threat Hijacking Simple Implementation

C++ Code to Patch AMSI in Remote Processes

ShellcodeCrypterVSExtension is a Visual Studio extension that provides a simple XORand AES-based encryption and decryption tool. It allows developers to encrypt shellcode using a key. This extensio…

Toolkit of Projects to attack and evade Event Trace for Windows

Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll

Multi-component Remote Access Trojan: C++ client (victim), C# server, and Angular frontend.

RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++

Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM

Advanced in-memory process injection using transient SEC_IMAGE sections, custom crypter, and ADS payload delivery no disk traces, maximum stealth.

Username enumeration and password spraying tool aimed at Microsoft O365.

This Repo contains steps to convert BloodHound Legacy Customqueries.json to the new format used by BloodHound Community Edition (BHCE)

Uncover the true IP address of websites safeguarded by Cloudflare & Others

Find, analyze, and check for exposed IP cameras with open ports, known vulnerabilities, and weak login credentials.

Seamless remote browser session control

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Module to generate and verify Authenticode signatures

An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.

Koth - TryHackMe Tricks

A simple script to automate systemd backdoor