Evasion
Fileless lateral movement tool that relies on ChangeServiceConfigA to run commands
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
CoffeeShot: Avoid Detection with Memory Injection
OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
PyMultitor - Python Multi Threaded Tor Proxy
An x64 Windows Rootkit using SSDT or Hypervisor hook
Sandman is an NTP-based backdoor for hardened networks.
Nidhogg is an all-in-one, simple-to-use Windows kernel rootkit.
Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.
Check your WAF before an attacker does
Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes and direct syscalls, written in Rust
Connect like there is no firewall. Securely.
Kill anti-malware protected processes (BYOVD)
This map lists the essential techniques to bypass anti-virus and EDR
Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
Real fucking shellcode encryptor & obfuscator tool


