- Diffeomorphism Invariant
- https://tx0actical.github.io/
- in/amit-panghal-a05a05226
- @Tx0actical
Stars
Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
Simple C2 using GitHub repository as comms channel.
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
Tooling to generate metadata for Win32 APIs in the Windows Driver Kit (WDK).
lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
Obfusheader.h is a portable header file for C++14 compile-time obfuscation.
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services and each service binary's metadata, inst…
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
A powerful and user-friendly binary analysis platform!
Shellcode Loader with Indirect Dynamic syscall implementation, shellcode in MAC format, API resolving from PEB, syscall call and syscall instruction address resolving at run time
Tool to visualize the output of the WinDbg "wt" command as customizable graphic trees, to facilitate reverse engineering.
A method of bypassing EDRs' active protection DLLs by preventing entry point execution
A C compiler targeting an artistically pleasing nightmare for reverse engineers
The FLARE team's open-source tool to identify capabilities in executable files.
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
Rust Weaponization for Red Team Engagements.
PoC Implementation of a fully dynamic call stack spoofer
A Go implementation of Cobalt Strike style BOF/COFF loaders.