Stars
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
Active Directory ACL exploitation with BloodHound
DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
Complete list of LPE exploits for Windows (starting from 2023)
Small and convenient C2 tool for Windows targets. [ Russian -- means fuck off! ]
A x64 Windows Rootkit using SSDT or Hypervisor hook
Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners
PoC for the Untrusted Pointer Dereference in the ks.sys driver
Bypassing UAC with SSPI Datagram Contexts
Payload encoding utility to effectively lower payload entropy.
Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
Efficient Deobfuscation of Linear Mixed Boolean-Arithmetic Expressions
Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)
Daedalus is an LLVM pass that compresses code by identifying and extracting recurrent program slices.
A collection of postmortems. Sorry for the delay in merging PRs!
This is an implementation of a native-code Meterpreter, designed for portability, embeddability, and low resource utilization.
Unified repository for different Metasploit Framework payloads
C2 Infrastructure Automation