个人构建MoE大模型：从预训练到DPO的完整实践

EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.

A unique introduction to native runtime obfuscation.

PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.

A collection of PoCs to do common things in unconventional ways

Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activ…

A visual methodology tracking platform tailored for offensive security assessments

WPE x64 is a Windows software that can intercept and modify WinSock packets, with adaptive support for 32-bit and 64 bit target programs WPE x64 是一款可以拦截并修改 WinSock 封包的 Windows 软件，自适应支持 32 位及 64 位的目标程序

一个半自动化springboot打点工具，内置目前springboot所有漏洞

A Pure-Java MCP Server for JaDX Android Reverse Engineering Tool

Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH

BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).

Reproduce DeFi hacked incidents using Foundry.

Build sneaky & malicious LNK files.

A tool to transform Chromium browsers into a C2 Implant

GateSentinel 是一个现代化的 C2 (Command and Control) 框架，专为安全研究和渗透测试设计。该项目采用 Go 语言开发服务端，C 语言开发客户端，提供了强大的远程控制和管理功能。

一款使用rust开发的高性能正反向隧道代理工具，基于多路复用技术。

⚡️ Express inspired web framework written in Go

用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc

EWSTool是一个针对EXCHANGE邮件服务器的后渗透利用工具。使用ews接口，实现人员邮箱列表获取、搜索邮件、下载邮件等实用功能。

A simple, decentralized mesh VPN with WireGuard support.

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

一款通过被动代理方式，利用主流 AI（如 Kimi、DeepSeek、GPT 等）检测越权漏洞的工具。其核心检测功能依托相关 AI 引擎的开放 API 构建，支持 HTTPS 协议的数据传输与交互。

《APT Individual Combat Guide》

IDA插件集合，含项目名称及项目地址，每日定时Clone项目。

Copier for golang, copy value from struct to struct and more

Malicious traffic detection system

安全服务集成化工具集

Hosting powershell sessions inside golang not using exec enabling bi directional communication

Tracing packets in the Linux networking stack & friends