Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Principle of WinRAR key generation.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

CORS Misconfiguration Scanner

.NET debugger and assembly editor

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

CVE-2021-40444 PoC

Preimage attack against NeuralHash 💣

Automation for javascript recon in bug bounty.

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

One stop place for exploiting Jira instances in your proximity

Collection of Scripts for shodan searching stuff.

The XSS Hunter service - a portable version of XSSHunter.com

ransomware open-sources

Rewrite of the popular wireless network auditor, "wifite"

Javascript Anti Cheats 101

Google's differential privacy libraries.

Ghidra is a software reverse engineering (SRE) framework

Executable that mutates its own code

Fast Elliptic Curve Cryptography in plain javascript

A simple SHA-256 / SHA-224 hash function for JavaScript supports UTF-8 encoding.

Defeating Windows User Account Control

fsociety Hacking Tools Pack – A Penetration Testing Framework

Poc, Presentation of Monitor OSD Exploitation, and shenanigans of high quality.

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Do you think you are safe using private browsing or incognito mode?. 😄 👿 This will prove that you're wrong. Previously hosted at nothingprivate.ml

End-To-End is a crypto library to encrypt, decrypt, digital sign, and verify signed messages (implementing OpenPGP)

Password Hash Identification

Remote administration service which uses twitter as a command and control server