Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.

Eigent: The Open Source Cowork Desktop to Unlock Your Exceptional Productivity.

WinDbg Copilot - Agentic Debugging extension

Master programming by recreating your favorite technologies from scratch.

Chisel new generation, written in rust. SSH under WSS with some customization.

wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).

Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL privilege

A PowerShell app to tweak and customize Windows 10 & Windows 11 focusing on performance and quality of life

Custom Zoicware Configs for Windows 10 and 11

PowerShell Digital Forensics & Incident Response Scripts.

Force Remove Copilot, Recall and More in Windows 11

Lightweight Patchless Hooking Library for Windows

Robust and practical application control for Windows

Example of call stack spoofing trough the construction of syntetic frames and stack manipulation

Proxy system that routes traffic through Cloudflare Workers for IP rotation and anonymity

One WSL BOF to rule them all

The free and privacy-friendly screen recorder with no limits 🎥

A terminal-based SSH manager inspired by lazydocker and k9s - Written in go

EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.

This repo contains samples that demonstrate the API used in Windows classic desktop applications.

Web Extension for saving a faithful copy of a complete web page in a single HTML file

bof for interacting with WSL

This project is specifically made for brand new directory and ease their creation with all security rules in place.

A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.

Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for complex T-SQL queries.

Implementing AES 256 CBC in AES-NI - MASM Format

A Fast (and safe) parser for the Windows XML Event Log (EVTX) format

A Compiler Writing Journey

Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)

Modern PIC implant for Windows (64 & 32 bit)