A collection of selected badUSB script for Flipper Zero, written by me. This repo is always Work In Progress.

Here are +200 different rats some with source code

Experiment on reproducing Obfuscate & Sleep

Building and Executing Position Independent Shellcode from Object Files in Memory

The code is a pingback to the Dark Vortex blog:

The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/

GhostWriting Injection Technique.

Most advanced and poorly coded windows batch obfuscator ever made (aka the best)

A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses!

A standalone DLL that exports databases in cleartext once injected in the KeePass process.

openpilot is an open source driver assistance system. openpilot performs the functions of Automated Lane Centering and Adaptive Cruise Control for 250+ supported car makes and models.

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, a…

Fileless atexec, no more need for port 445

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

PoC for onMouseMove HTML file used in the Russian APT Group campaign targeting Ukraine

Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain

An informational repo about hunting for adversaries in your IT environment.

Collection of methodology and test case for various web vulnerabilities.

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

NTLM relaying for Windows made easy

Evasion by machine code de-optimization.

Loki - Simple IOC and YARA Scanner

Utilities for obfuscating shellcode

Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine

Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

A somewhat wide collection of various kernelmode-usermode communication methods in one repository (mainly just for learning purposes).