Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

A proxy to expose real tls handshake to the firewall

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

牛屎花 一款基于WEB界面的远程主机管理工具

🤖 Kill The Protected Process 🤖

CVE-2023-34312

Threadless Process Injection through entry point hijacking

A COFF loader made in Rust

基于rustdesk修改的远程桌面软件，将agent部分分离出来

Single stub direct and indirect syscalling with runtime SSN resolving for windows.

CobaltStrike beacon in rust

(First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls and all hooked functions (incl. hooked NtProtectVirtualMemory)

Detect EDR's exceptions by inspecting processes' loaded modules

A memory-based evasion technique which makes shellcode invisible from process start to end.