The Havoc Framework

A Trace Explorer for Reverse Engineers

ConPtyShell - Fully Interactive Reverse Shell for Windows

Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.

LKM Linux rootkit

用来检测 windows 系统尚未安装的补丁信息，并根据指定的严重等级按顺序输出到文件中,可以作为 Windows 服务器运维人员日常检查更新或者网络安全人员对 Windows 服务器安全检查的有力工具，欢迎师傅们 star 支持。

Misc TaskScheduler Plays

整理并实现游戏开发中常见的数据结构和算法

Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Reverse Engineering: Decompiling Binary Code with Large Language Models

Evasive shellcode loader

mise-en-place JetBrain's IntelliJ platform supports

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

one-click face swap

Quake III Arena GPL Source Release

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

For when DLLMain is the only way

Violent Fungus is a command and control (C2) software suite, providing red teams post-exploitation persistence and other juicy stuff. WIP.

an ida plugin used to decompile vmp

深入剖析il2cpp及HybridCLR实现的技术专栏

A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

Modifying SweetPotato to support load shellcode and webshell

various methods of making API calls

A library for loading ELF from memory and/or making Linux syscalls on Android written in pure Java.

Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.

A COFF Loader written in Rust

CDN Up and Running - Building a CDN from Scratch to Learn about CDN, Nginx, Lua, Prometheus, Grafana, Load balancing, and Containers.

This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.