Lists (22)
AD tradecraft
Attacking LLMs
BOFLoaders
BOFLoaders - No specific language
C2 frameworks
Cloud red team
Detection
Detection engineering
Evasion tradecraft
Fuzzing
Infra
Jailbreak
Linux tradecraft
LLVM-obfuscators
macOS tradecraft
Methodologies
Red team / Pentest methodologies
PE Loaders
Rootkits
Rust Features
Training
Training Labs
Web testing
Windows dev tools
Tools to help with dev or RE on windows.
Starred repositories
CallBack-Techniques for Shellcode execution ported to Nim
64-bit, position-independent reverse tcp shell, built in Rust for Windows.
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption,…
🪐 Objaverse-XL is a Universe of 10M+ 3D Objects. Contains API Scripts for Downloading and Processing!
A build-time information stored in your rust project.(binary,lib,cdylib,dylib)
Slack enumeration and exposed secrets detection tool
64-bit, position-independent implant template for Windows in Rust.
Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
heroims / obfuscator
Forked from obfuscator-llvm/obfuscator
ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1, 10.x, 11.x, 12.x, 13.x, 14.x, swift-llvm-clang 5.0, swift-llvm-clang 5.5
A command and control framework written in rust.
EDR & Antivirus Bypass to Gain Shell Access
Rust library allowing to register multiple handlers for the same signal
Nameless C2 - A C2 with all its components written in Rust
DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
HookChain: A new perspective for Bypassing EDR Solutions
Gofrette is a reverse shell payload developed in Golang that bypasses Windows defender and many others anti-virus.
Bypass the Event Trace Windows(ETW) and unhook ntdll.
A cross-platform rust no-std library for verifying and extracting signature information from PE files.
This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository…
radius2 is a fast binary emulation and symbolic execution framework using radare2
Symbolic execution of LLVM IR with an engine written in Rust