Automatic Rust Obfuscator and Macro Library

Windows kernel and user mode emulation.

The FLARE team's open-source tool to identify capabilities in executable files.

Your Swiss Army knife to analyze malicious web traffic based on the popular Fiddler web debugger.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

ToolSet for VxWorks Based Embedded Device Analyses

Distributed advertisement-based BTLE presence detection reported via mqtt

PROFIBUS-DP stack

🎃 PumpBin is an Implant Generation Platform.

Celeste mod to produce randomized maps from existing level data

This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.

Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware

An official book about Rizin

Detect EDR's exceptions by inspecting processes' loaded modules

Reuse open handles to dynamically dump LSASS.

Attack Surface Management Platform

Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects

Shellcode loader using direct syscalls via Hell's Gate and payload encryption.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially documented and cannot be found in Windows Driver Kit (WDK) header…

Customizable Terminal Styled Website

Repo with different exploits & PoCs

Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5

Windows inside a Docker container.

Because AV evasion should be easy.

Reversing EasyAntiCheat.

A scalable overlay networking tool with a focus on performance, simplicity and security

Vagrant Base Boxes