Portable package manager for Neovim that runs everywhere Neovim runs. Easily install and manage LSP servers, DAP servers, linters, and formatters.

Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Latest Burpsuite Professional Version 2025.*.*

PE file viewer/editor for Windows, Linux and MacOS.

My commands and scripts extending WinDbg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

✨ AI-powered coding, seamlessly in Neovim

Keep long URLs out of your way in (Neo)Vim

Set of tools to analyze Windows sandboxes for exposed attack surface.

Adversary Emulation Framework

The Havoc Framework. c2

Defeating Windows User Account Control

Some POCs for my BYOVD research and find some vulnerable drivers

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom Java…

Heavily optimized library for DEFLATE/zlib/gzip compression and decompression

Obfuscation library based on C++11/14 and metaprogramming

AV/EDR evasion via direct system calls.