Bypass LSA protection using the BYODLL technique

PE bin2bin obfuscator

CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.

Dynamically invoke arbitrary unmanaged code

Tunnel TCP connections through a file

Create Anti-Copy DRM Malware

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…

not a reverse-engineered version of the Cobalt Strike Beacon

Windows Token Stealing Expert

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)

一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.

Process Injection using Thread Name

一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

⚡ Create infinite UAC prompts forcing a user to run as admin ⚡

A BOF that runs unmanaged PEs inline

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

Wireshark RDP resources

Gel4y-Mini-Shell-Backdoor-Decode

New generation of wmiexec.py

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

Hardcore Debugging

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

Shikata ga nai (仕方がない) encoder ported into go with several improvements