Stars
Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology (CVE-2025-52915, CVE-2025-1055).
Weaponize DLL hijacking easily. Backdoor any function in any DLL.
PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.
Open source simulator for autonomous vehicles built on Unreal Engine / Unity, from Microsoft AI & Research
ZeroMQ core engine in C++, implements ZMTP/3.1
JUCE is an open-source cross-platform C++ application framework for desktop and mobile applications, including VST, VST3, AU, AUv3, LV2 and AAX audio plug-ins.
GoogleTest - Google Testing and Mocking Framework
Rust implementation of the Microsoft Remote Desktop Protocol (RDP)
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Kernel driver loader using a vulnerable Gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load an unsigned driver
Nameless C2 - A C2 with all its components written in Rust
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Exploit vulnerabilities in NeacSafe64.sys to achieve privilege escalation and kernel-mode shellcode execution
L3MON is a web-based Remote Administration Tool ( android-RAT ) for managing Android devices via a secure Node.js dashboard. Supports real-time monitoring, data extraction, and remote control for e…
👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Viruses & Malware
AndroRAT | Remote Administrator Tool for Android OS Hacking
A multifunctional Telegram based Android RAT without port forwarding.
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
A Kernel Driver that can be used for a cheat or malware base to circumvent common cache & structure table checks. PsLoadedModuleList however requires a PG Bypass on (Some) Machines > 22H2 Win10, No…
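This tool exports the key of a running WeChat process and automatically decrypts all WeChat database files; it also supports offline decryption of database files after the key has been exported.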
Matplot++: A C++ Graphics Library for Data Visualization 📊🗾
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A curated list of awesome header-only C++ libraries
A collection of out-of-tree Clang plugins for teaching and learning