Read text section bytes and format it for shellcode (64bit ELF only)

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Automatic Tools For Metabase Exploit Known As CVE-2023-38646

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

awesome-linux-rootkits

HAProxy Load Balancer's development branch (mirror of git.haproxy.org)

Mimikatz implementation in pure Python

Aggressor scripts for phases of a pen test or red team assessment

Process Injection

A collection of methods of Code Injection on Windows

Persisting in the Windows registry "invisibly"

A Splunk App containing Sigma detection rules, which can be updated from a Git repository.

Static based decoders for malware samples

Obfuscate a python code 2.x and 3.x

Proof of Concepts

CVE-2019-0859 1day Exploit

Fast Conversion Windows Dynamic Link Library To ShellCode

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

powershell codes of my blog.

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

A novel technique to hide code from debuggers & disassemblers

The goal of this repository is to document the most common techniques to bypass AppLocker.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Vulnerability examples.

Automation for internal Windows Penetrationtest / AD-Security

Embed and hide any file in an HTML file

Robber is open source tool for finding executables prone to DLL hijacking

UAC bypass, Elevate, Persistence methods

Defeating Windows User Account Control

Hide Driver By MiProcessLoaderEntry