The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools. - GitHub - hackerhouse-opensource/Marble: The CIA's Marble Framework...

CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator. - GitHub - hackerhouse-opensource/Artillery: CIA UAC b...

Patching "signtool.exe" to accept expired certificates for code-signing. - GitHub - hackerhouse-opensource/SignToolEx: Patching "signtool.exe" to accept expired ...

EDR Lab for Experimentation Purposes. Contribute to Xacone/BestEdrOfTheMarket development by creating an account on GitHub.

Contribute to reewardius/bbFuzzing.txt development by creating an account on GitHub.

Microsoft search protocol enables clients to initiate connections against an enterprise search service such as SharePoint or WebDav. During these search connections the protocol server will respond…

Here we are elaborating the tactics, techniques, and procedures (TTPs) attackers are leveraging to compromise active directory and guidance

Translation of the CERT-UA Alert and Technical Analysis

In 2008, a Dutchman played a crucial role in the United States and Israeli-led operation to sabotage Iran’s nuclear program. The then 36-year-old Erik van Sabben infiltrated an Iranian nuclear complex and released the infamous Stuxnet virus, paralyzing the…

Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments. - GitHub - BC-SECURITY/Moriarty: Mor...

Tree of Attacks (TAP) Jailbreaking Implementation. Contribute to dreadnode/parley development by creating an account on GitHub.

nysm is a stealth post-exploitation container. Contribute to eeriedusk/nysm development by creating an account on GitHub.

This map lists the essential techniques to bypass anti-virus and EDR - matro7sh/BypassAV

An implementation of Tor, in Rust. (So far, it's a not-very-complete client. But watch this space!)

AAD Internals PowerShell module

This is a write-up of a vulnerability that I discovered in Windows. The vulnerability was patched in December’s Patch Tuesday, and the CVE assigned to it is CVE-2023-36003. The vulnerability allows a non-elevated process to inject a DLL into an elevated or…