Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths

Extracted Yara rules from Windows Defender mpavbase and mpasbase

The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

EDRSandblast-GodFault

Library and tools to access the Windows Shortcut File (LNK) format

Send phishing messages and attachments to Microsoft Teams users

BlackLotus UEFI Windows Bootkit

Wiki to collect Red Team infrastructure hardening resources

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

USB Rubber Ducky type scripts written for the DigiSpark.

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

Fast and lightweight x86/x86-64 disassembler and code generation library

A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022

A new AMSI Bypass technique using .NET ALI Call Hooking.

Spartacus DLL Hijacking Discovery Tool

Office 365 scripts and information

Obfuscation library based on C++11/14 and metaprogramming

Chromium Cookie import / export tool

A generator of weird files (binary polyglots, near polyglots...)

Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

documentations, slides decks...

Proof of Concepts (PE, PDF...)

CAPTCHA22 is a toolset for building, and training, CAPTCHA cracking models using neural networks.

A collection of random bits of information common to many individual penetration tests, red teams, and other assessments