A little tool to play with Windows security

The single instruction C compiler

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, T…

proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…

Iceman Fork - Proxmark3

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Open-Source Shellcode & PE Packer

Situational Awareness commands implemented using Beacon Object Files

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

A memory-based evasion technique which makes shellcode invisible from process start to end.

Dump the memory of a PPL with a userland exploit

A .NET Runtime for Cobalt Strike's Beacon Object Files

Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.

SensePost's modified hostapd for wifi attacks.

A Windows potato to privesc

rdp2tcp: open tcp tunnel through remote desktop connection.

A tiny Reverse Sock5 Proxy written in C :V

A keystroke / terminal logger for Linux.

Evil client portion of EAP relay attack

(Demo) 3rd party agent for Havoc

monitor and protect SSH sessions with eBPF

code for the Proxy DLL example blog post

exploit-exercises holds my solutions and thoughts on the exercises on exploit-exercises.com