Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

C# Based Universal API Unhooker

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

E-mails, subdomains and names Harvester - OSINT

Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll

Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)

AV/EDR evasion via direct system calls.

A curated list of awesome resources related to executable packing

Open-Source Shellcode & PE Packer

Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework

Template-Driven AV/EDR Evasion Framework

Callisto - An Intelligent Binary Vulnerability Analysis Tool

You shall pass

A memory scanning evasion technique

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

A collaborative, multi-platform, red teaming framework

PowerShell rebuilt in C# for Red Teaming purposes

Ransomware simulation script written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in a controlled setting.

Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant

-------> RAFEL<------ Android Rat Written in Java With WebPanel For Controlling Victims...Hack Android Devices

An open-source .NET Ransomware

Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)

Implementing the ghostly hollowing PE injection technique using tampered syscalls.

metame is a metamorphic code engine for arbitrary executables

Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.