Lists (16)
Starred repositories
The samples referenced in my book, Evasive Malware (No starch Press)
Slides and materials for the workshop "Reversing a (not-so-) Simple Rust Loader" at Ringzer0 COUNTERMEASURE 2025.
Beginner, advanced, expert level Rust training material
Collection of block cipher algorithms written in pure Rust
A collection of malware families and malware samples which use the Rust programming language.
A comprehensive guide and practical implementation of Message Queues (MsgQ) as an Inter-process Communication (IPC) technique.This repository walks through the creation, utilization, and management…
Collection of Windows Privilege Escalation (Analyse/PoC/Exploit)
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
Slides for Reverse Engineering 101 in 20 minutes as presented at Pancakes Con
Shellcode injection using the Windows Debugging API
Learn how to create Rubber Ducky-style USB implants with the Digispark Attiny85. Step-by-step setup, payload development and troubleshooting.
Starter pack for learning how to develop Kernel-Mode rootkits: basic proof-of-concepts, development environment configuration, and step-by-step resources to begin coding low-level rootkit component…
🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
ESXi Advanced and Kernel Settings
Windows KASLR bypass using prefetch side-channel
Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
Defensive Linux rootkit via LD_PRELOAD library call interception. Focused on stealthy, non-disruptive monitoring of attacker behavior.
CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.
Disable PatchGuard and Driver Signature Enforcement at boot time
Universal PatchGuard and Driver Signature Enforcement Disable
RunPE implementation with multiple evasive techniques (2)