#
Starred repositories
这是一个简单的技术科普教程项目,主要聚焦于解释一些有趣的,前沿的技术概念和原理。每篇文章都力求在 5 分钟内阅读完成。
本仓库包含对 Claude Code v1.0.33 进行逆向工程的完整研究和分析资料。包括对混淆源代码的深度技术分析、系统架构文档,以及重构 Claude Code agent 系统的实现蓝图。主要发现包括实时 Steering 机制、多 Agent 架构、智能上下文管理和工具执行管道。该项目为理解现代 AI agent 系统设计和实现提供技术参考。
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
An even funnier way to disable windows defender. (through WSC api)
A Python implementation of a Python bytecode runner
Python decompiler for modern Python versions.
PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"
Minor tweaks to get this excellent Python bytecode decompiler running under Python 3.8-3.10
Toolkit to turn Chromium vulnerabilities into full-chain exploits
A fork of AFL for fuzzing Windows binaries
.NET DllExport with .NET Core support (aka 3F/DllExport aka DllExport.bat)
IngressNightmare POC. world first non-blind remote execution exploitation with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-24514 - auth-url injection, CVE-2025-1097 - …
PoC Exploit for the NTLM reflection SMB flaw.
🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
Interesting APT Report Collection And Some Special IOCs
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techniques
Set of tools to analyze Windows sandboxes for exposed attack surface.
A modern 32/64-bit position independent implant template
An LLM agent that conducts deep research (local and web) on any given topic and generates a long report with citations.
SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
bof-launcher - library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready to use in C/Zig/Rust/Go/C++ applications.