Given delta compressed PE files, find download links for them on the Microsoft Symbol Server. No source PE file or VirusTotal access required.

Open-Source Shellcode & PE Packer

Shikata ga nai (仕方がない) encoder ported into go with several improvements

Remote Desktop Protocol in RUST

Windows memory hacking library

Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.

Adapts the standard library cmd.py to use prompt-toolkit instead of readline

PoC for Zerologon - all research credits go to Tom Tervoort of Secura

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

Simple (relatively) things allowing you to dig a bit deeper than usual.

Windows AV Evasion

Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal

Pure Rust x86_64 bootloader and kernel

Windows 10 System Programming book samples

A Coverage Explorer for Reverse Engineers

A utility to safely generate malicious network traffic patterns and evaluate controls.

A toolset to make a system look as if it was the victim of an APT attack

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

Dex to Java decompiler

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

writings on anti-reverse engineering.

A login shell based on Docker containers.

Modify ELF executables

Implementation of G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries

Run a script on multiple SSH servers

Run compilers interactively from your web browser and interact with the assembly