🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

Analyze ELF binaries like a boss 😼🕵️‍♂️

An universal Dear ImGui Hook for Directx12 D3D12 (D3D11, D3D10 and maybe Vulkan will be added later)

Universal Directx11 D3D11 Hook Project for all directx11 - 10 applications with ImGui and InputHook included, fullscreen supported.

MemProcFS

A simple and easy-to-use library to enjoy videogames programming

Hunts out CobaltStrike beacons and logs operator command output

Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths

JSON for Modern C++

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

UAC bypass by abusing RPC and debug objects.

Scanning APK file for URIs, endpoints & secrets.

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

Load your driver like win32k.sys

ROP-based sleep obfuscation to evade memory scanners

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

Web path scanner

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Some of my windows kernel exploits for learning purposes

🚀AI拟声: 5秒内克隆您的声音并生成任意语音内容 Clone a voice in 5 seconds to generate arbitrary speech in real-time

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

A tiny Reverse Sock5 Proxy written in C :V

Some helpful preload libraries for pwning stuff.

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

A minimalist Jekyll theme for your resume.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.