KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Public open-source code of malware Stuxnet (aka MyRTUs).

Nginx 18.1 04/09/22 zero-day repo

Curating Falco rules with MITRE ATT&CK Matrix

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Latest ios RCE Vulnerability disclosed by Google Security Researcher

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

Discord client zero-click RCE

C++ malware specifically built to extract Discord authentication tokens and personally identifying information.

CVE-2024-52940 - A zero-day vulnerability in AnyDesk's "Allow Direct Connections" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.

How to develop your own zero day vulnerabilities for iOS

Log4Shell Zero-Day Exploit Proof of Concept

"Otax", a popularized shitty discord zero-day exploit. A bullshit writeup on it was released by a larper called HellSec.

📜 This script uses steganography and a Discord client vulnerability in order to run javascript on all computers viewing a certain image within Discord.

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

A python based exploit to test out rapid reset attack (CVE-2023-44487)

This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.

Zero-Day Vulnerability in File Manager Plugin 6.7 ( CVE 2020-25213 )

Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems

Trophy list of zero-day vulnerabilities that I discovered