killvxk

HyperDbg

HyperDbg debugger is an open-source, user mode and kernel mode Windows debugger with a focus on using hardware technologies.

barevisor

A bare minimum hypervisor on AMD and Intel processors for learners.

CerealKiller

.NET deserialization hunter

cpp-httplib

C++11 header-only HTTP/HTTPS sever library

EDR-XDR-AV-Killer

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

edr_blocker

Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Client Hello packet and the provided blocked server name (or blocked string) list in the file.

Havoc-C2-SSRF-poc

Havoc C2 0.7 Teamserver SSRF exploit

Nyx-Full-Dll-Unhook

(EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.

obfus.h

Macro-header for compile-time C obfuscation (tcc, win x86/x64)

Tiny-Compiler

A tinycompiler in C from scratch

comfyui-replicate

Run Replicate models as nodes in ComfyUI

deep-tempest

Restoration for TEMPEST images using deep-learning

defguard

The only ,real 2FA/MFA' WireGuard Enterprise VPN with build-in SSO, hardware keys management and more!

fideo-live-record

A convenient live broadcast recording software! Supports Tiktok, Youtube, Twitch, Bilibili, Bigo!(一款方便的直播录制软件! 支持tiktok, youtube, twitch, 抖音，虎牙，斗鱼，快手，微博，网易cc，bilibili，花椒, 淘宝)

FlowAnalyzer

FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).

Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

IPTraceabilityTool

蓝队值守利器-IP溯源工具

llama3-cake

Distributed LLama3 inference.

MS-SharePoint-July-Patch-RCE-PoC

pdf-exploit

pdf exploit 集成

recompiler

Xbox360 -> Windows executable converter

RemoteSessionEnum

Remotely Enumerate sessions using undocumented Windows Station APIs

revng-c

View8

View8 - Decompiles serialized V8 objects back into high-level readable code.

zig_experiments

.NET_PROFILER_DLL_LOADING

.NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit is loading a malicious DLL using Task Scheduler (MMC) to bypass UAC and getting admin privileges.

ascii-silhouettify

EvilnoVNC

Ready to go Phishing Platform

oneshell

Reverse shell listener and payload generator designed to work on most Linux targets

sharem

SHAREM is a shellcode analysis framework, capable of emulating more than 12,000 WinAPIs and virutally all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.