BlackLotus UEFI Windows Bootkit

A memory-based evasion technique which makes shellcode invisible from process start to end.

RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)

Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

Native Syscalls Shellcode Injector

Collection of device converters to be used with zigbee-herdsman

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Execute unmanaged Windows executables in CobaltStrike Beacons

Peirates - Kubernetes Penetration Testing tool

Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique

Official git repo for iodine dns tunnel

Reverse engineering of an Arduino application

SysWhispers integrated shellcode loader w/ ETW patching, anti-sandboxing, & spoofed code signing certificates

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

ScareCrow - Payload creation framework designed around EDR bypass.

Apophis is a Bash script that leverages tools such as DotNetToJScript, ConfuserEx, Net-Obfuscator etc. to generate 'Shellcode runners'.

利用NTLM Hash读取Exchange邮件

CVE-2022-0847

VoIP Hopper Network Penetration Testing Tool - Jumping from one VLAN to the next! A network infrastructure penetration testing security tool. A tool to test for the (in)security of VLANS. It can mi…

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Obfuscation method using virtual machine.

My implementation of Halo's Gate technique in C#

WireBug is a toolset for Voice-over-IP penetration testing

Beacon Object Files for roasting Active Directory

Dump LSASS like you mean it