Some of the presentations, workshops, and labs I gave at public conferences.
☆34Oct 24, 2025Updated 4 months ago
Alternatives and similar repositories for conferences
Users that are interested in conferences are comparing it to the libraries listed below
Sorting:
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 8 months ago
- Rust crate to parse user-mode minidump files generated on Windows☆18Nov 17, 2025Updated 3 months ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- WinRAR 0day CVE-2025-8088 PoC RAR Archive☆45Aug 12, 2025Updated 6 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- ☆129Dec 4, 2023Updated 2 years ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- ☆27Mar 6, 2025Updated last year
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- List web account manager (WAM) accounts added to the current profile☆22Dec 11, 2025Updated 2 months ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- ☆12Jul 2, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Apache Superset Auth Bypass (CVE-2023-27524)☆11May 9, 2023Updated 2 years ago
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers☆126Sep 12, 2024Updated last year
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- ☆46Jun 21, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- Monitoring tool to detect patterns or IOCs (strings, regex, VirusTotal) and alert you and your team via console, Telegram or SMS written …☆18Feb 17, 2026Updated 2 weeks ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆15Aug 8, 2025Updated 6 months ago
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆169Sep 12, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- ACL Viewer for Windows☆133May 4, 2025Updated 10 months ago
- Host CLR and run .NET binaries using Rust☆151Dec 23, 2025Updated 2 months ago
- Spring-Kafka-Deserialization-Remote-Code-Execution☆32Oct 8, 2023Updated 2 years ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆168Jul 31, 2025Updated 7 months ago
- DLL injection with Microsoft detours☆22Dec 9, 2025Updated 2 months ago