15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.
☆132Mar 27, 2026Updated last month
Alternatives and similar repositories for goodboy-framework
Users that are interested in goodboy-framework are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…☆40Oct 26, 2023Updated 2 years ago
- Smilex-Eye is a high-speed, advanced OSINT suite that bridges the gap between raw global internet data and actionable security intelligen…☆34Jan 4, 2026Updated 3 months ago
- Enhanced, Faster, Better version of the exploit☆25Dec 27, 2025Updated 4 months ago
- Network Fuzzing Framework☆64Jan 17, 2026Updated 3 months ago
- Static Encrypt is an crate that encrypts string literals at compile time and only decrypted at runtime when needed.☆58Jan 17, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆100Jan 10, 2026Updated 3 months ago
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆72Nov 16, 2025Updated 5 months ago
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆32Feb 7, 2022Updated 4 years ago
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 10 months ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆41Mar 3, 2026Updated last month
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- Run shellcode via EnumDesktopsA. C++ implementation☆13Jun 27, 2022Updated 3 years ago
- A professional Red Team / Pentest tool for assessing the external perimeter of a company in a complete "black box" mode (zero knowledge, …☆30Feb 15, 2026Updated 2 months ago
- This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerSh…☆14Jun 2, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆10Jan 3, 2023Updated 3 years ago
- This repository contains a collection of scripts I use regularly for offensive security-related tasks.☆16Mar 9, 2026Updated last month
- Pure Go rewrite of knockknock☆11Feb 7, 2023Updated 3 years ago
- ☆108Aug 21, 2024Updated last year
- ☆57Apr 16, 2026Updated last week
- A small C library for the XChaCha20 stream cipher☆41May 27, 2023Updated 2 years ago
- POC☆43Jul 21, 2025Updated 9 months ago
- ☆48Feb 11, 2023Updated 3 years ago
- ☆15Feb 12, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 7z exploit POC versions prior to 25.01☆32Aug 11, 2025Updated 8 months ago
- Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.☆22Jul 6, 2021Updated 4 years ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆83Nov 6, 2025Updated 5 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- ☆15Dec 12, 2023Updated 2 years ago
- A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and sta…☆199Mar 15, 2026Updated last month
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Sep 26, 2022Updated 3 years ago
- Docker container for running CobaltStrike 4.7 and above☆25Mar 20, 2025Updated last year
- Native Powers Talk demos☆18Jan 30, 2026Updated 2 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆96Jan 2, 2026Updated 3 months ago
- ☆50Jun 6, 2025Updated 10 months ago
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆146Apr 15, 2026Updated 2 weeks ago
- Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…☆109Apr 9, 2026Updated 2 weeks ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Open-source stealer logs parser and visualization dashboard that structures and presents log data to facilitate analysis.☆82Apr 16, 2026Updated 2 weeks ago
- Slides and resources from MCTTP 2025 Talk☆70Oct 26, 2025Updated 6 months ago