Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Venom is a library that meant to perform evasive communication using stolen browser socket

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, you’ll help strengthen the project and push the boundaries of what we can achieve together.

Position-idependent Windows DLL loader based on ReflectiveDLL project.

A Bumblebee-inspired Crypter

DNS and Target HTTP History Local Storage and Search

Side-channel file transfer between independent VMs or processes executed on the same physical host.

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg

A data-hiding / steganography-like CLI tool for JPG images.

Proof of Concept - Hooking API calls of a Ransomware

A data-hiding / steganography-like CLI tool for PNG images.

Nidhogg is an all-in-one simple to use rootkit for red teams.

Qt Cpp Reverse shell

A data-hiding / steganography-like CLI tool for JPG images.

proof of concepts, CTF writeups, misc. scripts, blog material, etc.