rails and committee are good friends

Phishing with a fake reCAPTCHA

Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.

Defeating Windows User Account Control

Identifies the bytes that Microsoft Defender flags on.

Red Team C code repo

Windows Local Privilege Escalation Cookbook

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack.

Secure example of an XPC helper written in Swift

Talk and materials for Offensive Con presentation - Privileged Helper Tools

Take over macOS Electron apps' TCC permissions

AutoMacTC: Automated Mac Forensic Triage Collector

This is the LLM integration app that contains the vulnerability; please use it to verify the vulnerability of the LLM integration app.

a ringcon based IDA Pro controller

AVTOKYO2023 Talks ~AIチャットボットに対する Prompt Injection と Filter Bypass~

GIMPLE obfuscator for C, C++, Go, ... all supported GCC targets and front-ends that use GIMPLE.

PoC code of AOT poisoning presented at Black Hat Asia 2023

User inline asm to anti-disassembly on arm64

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.

Terminate AV/EDR leveraging BYOVD attack

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions

shellcode免杀加载器，使用go实现，免杀bypass火绒、360、核晶、def等主流杀软

Tool for extracting information from newly spawned processes

A Java Extention for Burp Suite