Red-Teamer & Malware Dev | CRTL
LitterBox. A self-hosted sandbox for red teams to test payloads against modern detection before deployment. MCP integration lets an LLM agent drive analysis end to end.
1.5kBYOVD. BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055, CVE-2026-3609, CVE-2026-8501).
846GhostDriver. yet another AV killer tool using BYOVD
313NovaLdr. Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
267NyxInvoke. NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
240Rusty-Playground. Some Rust program I wrote while learning Malware Development
160Invoke-DumpMDEConfig. PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required )
155HolyGrail. BYOVD hunter to help prioritize windows drivers worth manual analysis
130Maverick. Adaptix C2 agent using Crystal Palace PIC linker and PICO module system
97PT-ToolKit. Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
72Cheshire. Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.
61CheckPlz. Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
41GeckoDroid. Android Client for AdaptixC2
33CredsHunter. PoC for CVE-2026-3609 - XIGNCODE3 xhunter1.sys handle leak enabling PPL bypass and LSASS dumping
28DeadManSwitch. DeadManSwitch in rust with several triggers (remote local and network)
21PwnBox-Kali. Bash Script to automate the process of setting up a new Kali Linux virtual machine to look a like HTB PwnBox
21OdinEye. Create a private Discord CTI "Dashboard" using various Discord bots It,'s a simple and effective way to stay informed and up-to-date on the latest developments and news in Offensive Security World
20patriot. C++
9PoC-in-GitHub. 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
70day. 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
4BlackSnufkin.
2LSTAR-EN. LSTAR - CobaltStrike Translated to EN
1