Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

A minimal, sidebar, responsive web design Jekyll theme that focuses on text presentation.

Collection of BloodHound queries for Azure

WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API

A Reflective Loader for macOS

Simple (relatively) things allowing you to dig a bit deeper than usual.

Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)

LKM rootkit for modern kernels, with DNS C2 and a simple web interface

Collect Windows telemetry for Maldev

A C2 post-exploitation framework

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

64-bit, position-independent implant template for Windows in Rust.

ViperX Research Labs

The Minimalistic x86/x64 API Hooking Library for Windows

havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets

RISC-V Virtual Machine

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Discover resources created in an AWS account.

A rust library that allows you to host the CLR and execute dotnet binaries.

An modern 64-bit position independent implant template

BlackLotus UEFI Windows Bootkit

rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.

CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.

Repo for storing CTF related stuff (Writeups, etc.)

Tunnel all your traffic over websocket protocol - Bypass firewalls/DPI - Static binary available