Stars
Functional Programming Library for C++. Write concise and readable C++ code.
A single-header ANSI C immediate mode cross-platform GUI library
ULTRA FAST Signature Scanner & Generator for IDA Pro 7/8/9+ Compiled with GCC
Tiny application that lets you force remote play together any game you have in your steam library including non-steam ones.
Pre-built Mesa3D drivers for Windows
Achieving code execution through abusing vectored exception handling
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
Encrypting the heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
Shellcode Loader with Indirect Dynamic syscall Implementation, shellcode in MAC format, API resolving from PEB, syscall call and syscall instruction address resolving at run time
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
Loading a remote AES-encrypted PE in memory, decrypting it and running it
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported APIs from the export table
A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
The official gpt4free repository | various collection of powerful language models | o4, o3 and deepseek r1, gpt-4.1, gemini 2.5
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
Using CVE-2023-21768 to manually map a kernel mode driver
Nidhogg is an all-in-one simple to use windows kernel rootkit.
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
PoC Implementation of a fully dynamic call stack spoofer
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/
Shellcode injection technique. Given as C++ header, standalone Rust program or library.