🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Enabling the Windows Subsystem for Linux to include support for Wayland and X server related scenarios

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Project for learning V8 internals

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Lifetime AMSI bypass

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)

CPP AV/EDR Killer

Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects

A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.

Manual DLL Injector using Thread Hijacking.

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Qt interface for cling

Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper

simple c++ visual studio project that doesn't use the C/C++ runtime

A platform for building collaborative autonomy-focused applications.

League of Legends Python based scripting platform.