Lists (32)
Android: Android reverse engineering
BlueTeam/Digital Forensic: incident response, digital forensics
Bypass UAC/AMSI
BypassEDR/AVs: AV evasion in C, C++, C#, PowerShell, etc.
C2/RAT: remote access tools, C2 frameworks, etc.
Cloud/Docker/K8s: cloud security, container security, etc.
Coding: knowledge of various programming languages
Defender: blue team, defense
DLL/Process Hijacking: hijacking, DLL hijacking
Domain/Internet: Active Directory domains, internal networks
Drivers: Windows/Linux driver development
Elevation of Privileges: Windows/Linux privilege escalation techniques
Hook/Unhook
Hunter: malware detection, protection and identification
Injection: process injection, DLL injection, shellcode injection, etc.
InterestingSomeThing
IOT/Wifi/Industrial: IoT, WiFi, ICS and other hardware security
Lateral Movement
Linux
Malware: viruses, malware development
NetWork: networking
Obfuscation/Encrypt/Decrypt: obfuscation, encryption, encoding
Packer/Shell: packers, crypters
Persistence: maintaining access
Phishing
Proxy
RedTeam: red team, pentest
Reverse: reverse engineering
rootkits
ShellCode/Loader
Stealer/keylogger/sniffer: info-stealers, keyloggers, etc.
Windows/R3/R0: Windows development, kernel

Starred repositories
A C Implementation for using a new method to invoke undetectable indirect syscalls
🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
An experimental high-performance DNS query bruteforce tool built with AF_XDP for extremely fast and accurate bulk DNS lookups.
APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
OCRmyPDF adds an OCR text layer to scanned PDF files, allowing them to be searched
C++ Encrypted SSL/TLS REVERSE SHELL, designed to provide secure, encrypted communication between a compromised client and an attacker, while blending seamlessly into HTTP traffic.
DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.
Automated DLL Sideloading Tool With EDR Evasion Capabilities
TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.
A tool designed to increase privacy on Windows and counter malware using various techniques.
Cybersecurity study notes, covering web security, privilege escalation, app pentesting, internal network pentesting, lateral movement, red teaming, tool walkthroughs, etc.
ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native executables.
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
A PoC for Early Cascade process injection technique.
ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
drizzleDumper is a memory-search-based Android unpacking tool.
Divulge Stealer is a highly advanced info-stealer that outperforms its predecessor, Umbral-Stealer by Blank-c. This new iteration is a complete overhaul with enhanced capabilities, targeting 25 major …
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions