Skip to content
View mq1n's full-sized avatar
😎
[object Object]
😎
[object Object]
473 followers · 66 following
  • Turkey

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor

Organizations

@NoMercy-ac

Block or report mq1n

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Stars

1337

152 repositories

joaoviictorti / shadow

Windows Kernel Rootkit in Rust

Rust 679 70 Updated Oct 10, 2025

JanielDary / ImmoralFiber

Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)

C++ 280 37 Updated Sep 18, 2024

acrono / cve-2024-6387-poc

32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc

C 384 87 Updated Jul 1, 2024

memN0ps / illusion-rs

Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)

Rust 340 39 Updated Aug 31, 2024

vxCrypt0r / Voidgate

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

C++ 592 84 Updated Jun 12, 2024

SafeBreach-Labs / PoolParty

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

C++ 1,245 171 Updated Dec 11, 2023

Idov31 / Nidhogg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

C++ 2,259 319 Updated Feb 15, 2026

MrSaighnal / GCR-Google-Calendar-RAT

Google Calendar RAT is a PoC of Command&Control over Google Calendar Events

Python 262 43 Updated Aug 19, 2025

Nadharm / CoVirt

A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).

C 36 10 Updated Oct 26, 2025

ldpreload / Medusa

LD_PRELOAD Rootkit

C 303 75 Updated Apr 5, 2025

ldpreload / BlackLotus

BlackLotus UEFI Windows Bootkit

C 2,185 478 Updated Mar 28, 2024

trustedsec / CS-Situational-Awareness-BOF

Situational Awareness commands implemented using Beacon Object Files

C 1,717 277 Updated Jan 5, 2026

memN0ps / matrix-rs

Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)

Rust 317 36 Updated Jul 7, 2024

namazso / MagicSigner

Signtool for expired certificates

C++ 514 54 Updated Jun 10, 2023

memN0ps / redlotus-rs

Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)

Rust 563 74 Updated Sep 12, 2023

zer0condition / ReverseKit

x64 Dynamic Reverse Engineering Toolkit

C++ 742 107 Updated May 30, 2023

SaadAhla / HeapCrypt

Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap

C++ 246 45 Updated Aug 2, 2023

XaFF-XaFF / Black-Angel-Rootkit

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

C++ 674 115 Updated Nov 9, 2023

SamuelTulach / nullmap

Using CVE-2023-21768 to manual map kernel mode driver

C 197 38 Updated Mar 10, 2023

Wack0 / CVE-2022-21894

baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability

C 349 63 Updated Sep 27, 2023

tandasat / Hypervisor-101-in-Rust

The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.

Rust 1,168 74 Updated Sep 27, 2025

1401199262 / Hook-KdTrap

C++ 223 81 Updated Mar 11, 2023

kkent030315 / CVE-2022-42046

CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM

C++ 162 26 Updated Dec 24, 2022

mrh0wl / Cloudmare

Cloudflare, Sucuri, Incapsula real IP tracker.

Python 1,761 236 Updated Jul 25, 2023

namazso / linux_injector

A simple ptrace-less shared library injector for x64 Linux

C++ 281 27 Updated Jan 27, 2023

Jemmy1228 / HookSigntool

C 565 177 Updated Jan 7, 2020

yardenshafir / cet-research

A collection of tools, source code, and papers researching Windows' implementation of CET.

C 88 17 Updated Oct 6, 2020

lehmenkuehler / camera-triggerbot

A Raspberry Pi 4 Based Camera Triggerbot

Python 66 11 Updated Jun 21, 2022

Cryptogenic / PS5-IPV6-Kernel-Exploit

An experimental webkit-based kernel exploit (Arb. R/W) for the PS5 on <= 4.51FW

JavaScript 915 107 Updated Feb 7, 2024

binarly-io / FwHunt

The Binarly Firmware Hunt (FwHunt) rule format was designed to scan for known vulnerabilities in UEFI firmware.

242 28 Updated Mar 12, 2024