A BOF that runs unmanaged PEs inline

A Go implementation of Cobalt Strike style BOF/COFF loaders.

game of active directory

Distribute and run LLMs with a single file.

LLM inference in C/C++

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…

HookChain: A new perspective for Bypassing EDR Solutions

Python tool to check rootkits in Windows kernel

Filesystem in Userspace (FUSE) for Rust

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

A FUSE filesystem for your Google calendar

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

A fancy self-hosted monitoring tool

Detect Base64 encoded content using Python.

Forensics artefact collection tool for systems running Microsoft Windows

Awesome Security lists for SOC/CERT/CTI

PoC to record audio from a Bluetooth device

A curated list of tools for incident response

File analysis and management framework.

Modified edition of cuckoo

Remote Administration Tool for Windows

A simple remote tool in C#.

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

Dump cookies and credentials directly from Chrome/Edge process memory

Torantula is a tool for isolating streams with Tor.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digi…

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler…

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

PE bin2bin obfuscator