Remotely predicts identifies the presence of EDR/XDR solutions on networks

This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedicated to improving their skills in malware development, malware research, offensive security, security defenses and measures.

🔭 Warping your own Internet everywhere you go 📡

Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.

XOR-encrypted shellcode injector for memory-based execution in remote processes, with integrated anti-analysis techniques.

Rust DLL Search Order Hijacking

A dynamic HTTP/s Payload Stager that automates updating decryption variables, saving time and effort in managing shellcode loaders.

Your syscall factory

Threadless Process Injection through entry point hijacking

Call stack spoofing for Rust

Unhooking NTDLL Without Reading It From Disk.

Evade EDR's the simple way, by not touching any of the API's they hook.

Nim process hollowing loader

Tampering System Calls Using Hardware Breakpoints For Evasion In D.

Implementation Of SysWhispers Direct / Indirect System Call Technique In D.

Utilizing Hardware Breakpoints For Hooking In D.

(EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.

Fetching Fresh System Call Stubs From NTDLL (Read From Disk) In D.

An Indirect System Call Based Shellcode Loader Written Fully In D.

PoC Implementation of a fully dynamic call stack spoofer