AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)

Rust tool to detect cell site simulators on an orbic mobile hotspot

Efficient reliable UDP unicast, UDP multicast, and IPC message transport

This program show you IMSI numbers of cellphones around you.

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP…

Practical implementation of Windows API functions categorized by [malapi.io]

AppLocker-Based EDR Neutralization

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

C programs for sockets, reverse shell, shellcode execution, and process injection.

DLL injection with Microsoft detours

Phantom Keylogger is an advanced, stealth-enabled keystroke and visual intelligence gathering system.

Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.

react2shell CVE-2025-55182 PoC

Evasion kit for Cobalt Strike

Usermode exploit to bypass any AC using a 0day shatter attack.

Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and storing them inside images or videos. A lightweight loader …

Scripts and examples for "From Day Zero to Zero Day" by Eugene Lim.

A collection of Assembly language practice codes focused on understanding system calls, memory architecture, and low-level mechanics.

Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered by DarkCoderSc. It exploits the nature of the in/out pointer …

protector & obfuscator & code virtualizer

Session Desktop - A Decentralized, Onion Routed, Private Messenger

Corelan Repository for mona.py

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

Detonate malware on VMs and get logs & detection status

A POC that shows basic protection method for your software. Packages to bytes, encrypts with XOR, saves to TMP file and opens/runs.

A Sliver C2 modification utility that enhances operational stealth by renaming protobuf definitions, regenerating protocol buffers, updating Go references, and resolving method call collisions. Des…

Educational Linux privilege escalation script for CTFs/OSCP. Explains WHAT/WHY/HOW for every vulnerability found. Highlights critical findings with red alerts. Extended mode default: cloud metadata…

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)