Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

A post exploitation framework designed to operate covertly on heavily monitored environments

Windows process injection methods

A lightweight remote access trojan in Rust

Real-time face swap for PC streaming or video calls

RottenPotato local privilege escalation from service account to SYSTEM

Crypter, binder & downloader with native & .NET stub, evasive by design, user friendly UI

Examples of leaking Kernel Mode information from User Mode on Windows

EndPointer is a command-line tool designed to crawl a given URL and list all discovered endpoints. Utilizing the Colly web scraping library, EndPointer efficiently navigates through websites to pro…

Run a Exe File (PE Module) in memory (like an Application Loader)

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

ransomware open-sources

Dump cookies directly from Chrome process memory

LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)

KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc

UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.

Great explanation of Process Hollowing (a Technique often used in Malware)

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Real-world infosec wordlists, updated regularly

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Generate Gmail Emailing Keyloggers to Windows.

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

C2 Powershell Command & Control Framework with BuiltIn Commands

#1 Trusted Ethical Hacking AI for Bug Bounty

The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.

Your next stealthy Remote Access Trojan

Windows Remote Administration Tool via Telegram

A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.