An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Penetration testing utility and antivirus assessment tool.

Unorthodox and stealthy way to inject a DLL into the explorer using icons

EmpireCTF – write-ups, capture the flag, cybersecurity

A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only.

Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).

AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.

It records your screenshots and code, then lets you upload to ASHIRT

Windows Administrator level Implant.

This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)

x86 Trampoline Hook

"D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.

This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission and write the shellcode.

This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.

Advance Injection attacks for Password and Credentials execution in Graphic user Interface.

🔑 WiFi captive portal that capture credentials for ESP8266. Designed for Wireless Penetration tests.

A wifi tool using the esp32

Dump a process memory and extract data based on regular expressions.

peTool is a tool designed to extract various information from Portable Executable

dll/so/dyLib Injector for educational purposes