Starred repositories
💻 C++ Functional Terminal User Interface. ❤️
A continuation of the famous quasar remote administration tool
CV generator built with Nuxt.js, TailwindCSS, deployed on Netlify.
Userland exec PoC to be used as attack vector technique
remote process injections using pool party techniques
Reaping treasures from strings in remote processes memory
Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-native executables.
Patch termsrv.dll so that multiple remote users can open an RDP session on a non-Windows Server computer
lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
A PoC for Early Cascade process injection technique.
sadreck / Codecepticon
Forked from Accenture/Codecepticon
.NET/PowerShell/VBA Offensive Security Obfuscator
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
The DataExplorer plugin integrates the pattern language from ImHex into x64dbg.
Extract and execute a PE embedded within a PNG file using an LNK file.
A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints
Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing ntoskrnl.exe for Zw-prefixed system calls.
DLL that hooks the ExtTextOutW API and hides the testsigning mode watermark