Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable Linux kernels v5.10.x.

Stealthy Linux Kernel Rootkit for modern kernels (6x)

Rex is a safe and usable kernel extension framework that allows loading and executing Rust kernel extension programs in the place of eBPF.

Public repository of the Micro QuickJS Javascript Engine

CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.

Collection of links on bad opsec

A fast file and content search extension powered by fzf, ripgrep and bat. Quickly search files or text inside your workspace using a terminal-based fuzzy finder.

A software library of stochastic streaming algorithms, a.k.a. sketches.

Interfaces to query ClickHouse databases from PostgreSQL

Original Proof-of-Concepts for React2Shell CVE-2025-55182

SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack techniques into a single, easy-to-use tool with both interacti…

Native macOS timeout command. Works through sleep, zero CPU, JSON output. Drop-in GNU replacement in 100KB.

A meta-language for Go that adds Result types, error propagation (?), and pattern matching while maintaining 100% Go ecosystem compatibility

Mea provides async primitives and combinators that are runtime agnostic.

A thread-per-core Rust runtime with IOCP/io_uring/polling.

Operating system and container binary deployment and upgrades

A fast usermode x86 and x86-64 emulator for Arm64 Linux

CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.

Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By following this approach, a security researcher will hopeful…

Cross-platform Rust rewrite of the GNU coreutils

A headless, extendable, multi-session, IDA Pro MCP framework.

Lightweight coding agent that runs in your terminal

KFuzz | Windows Kernel Code Coverage and Instrumentation

my try at recreating and exploiting some v8 CVEs

Exposing CharmingKitten's malicious activity for IRGC-IO Counterintelligence division (1500)