Evasion for Cobalt Strike

Lateral Movement Bof with MSI ODBC Driver Install

AWS X-Ray for Covert Command & Control

Pentesting post exploitation tool for slack

The DCE/RPC / MS-RPC Codegen/Client for Go

A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections, and behavioral indicators.

A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

Cobalt Strike BOF for evasive .NET assembly execution

Obfuscate specific windows apis with different apis

Proof-of-concept implementation of AI-enabled postex DLLs

Python library for Adversarial ML Evaluation

A Python toolbox to create adversarial examples that fool neural networks in PyTorch, TensorFlow, and JAX

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

A Little Book on Adversarial AI

Python based GUI for browsing LDAP

Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130

A modern C++20 header-only library for advanced direct system call invocation.

Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic

Shellcode injector using direct syscalls

Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH

Automated compiler obfuscation for nim

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

A BOF to regularly check for active users on a target.

Permanently disable EDRs as local admin

A collection of PoCs to do common things in unconventional ways

Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.