Generate DLL proxy/sideload projects. Automatically parses PE export tables and generates ready-to-compile project for red team engagements github.com/Whitecat18/L...

Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons github.com/EricEsquivel... #redteam

Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack, implemented in C++ and Python github.com/ricardojoser... #redteam

Creation of multiple Malware tools consisting of evasion, enumeration and exploitation github.com/CaptMag/MalDev

📢 New article about GAC Hijacking to perform Code Execution and Persistence 📖 1x Playbook - A structured breakdown of the full approach 💡 3x Detection Opportunities 🏹 2x Threat Hunting Queries - Defender & Splunk ipurple.team/2026/02/10/g...

CustomDpapi: Calling the undocumented DPAPI RPC interface directly, no more calling public CryptUnprotectData! github.com/EvilBytecode...

An open-source port/reimplementation of the Cobalt Strike BOF Loader

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX, and Vivaldi)

DbgNexum - a Proof-of-Concept for injecting shellcode using the Windows Debugging API and Shared Memory (File Mapping).

Aether C2 - Aether project operates on a Full Duplex, End-to-End Encrypted channel, utilizing direct WinAPI syscalls for evasion and a modular architecture for scalability github.com/256AndreiAES...

Ghostly Hollowing Via Tampered Syscalls github.com/Maldev-Acade...