Den Haag, Netherlands

Ege Balcı

Elite
@EgeBalci

Security Researcher

sgn. Shikata ga nai (仕方がない) encoder ported into go with several improvements

2k

amber. Reflective PE packer.

1.4k

HERCULES. HERCULES is a special payload generator that can bypass antivirus softwares.

601

deoptimizer. Evasion by machine code de-optimization.

428

EGESPLOIT. EGESPLOIT is a golang library for malware development

339

evilreplay. Seamless remote browser session control

235

Cminer. Cminer is a tool for enumerating the code caves in PE files.

155

Keylogger. Simple C++ Keylogger...

147

ARCANUS. ARCANUS is a customized payload generator/handler.

144

WSAAcceptBackdoor. Winsock accept() Backdoor Implant.

118

Hook_API. Assembly block for hooking windows API functions.

97

IAT_API. Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

85

Mass-Hacker-Arsenal. Massive arsenal of hacker tools...

83

The-Eye. Simple security surveillance script for linux distributions.

60

syscall_api. Assembly

38

MapPE. PE file mapping and manipulation package.

36

Ticketbleed. This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.

30

zippo. Zippo is a archive payload generator for testing XSS, (Zip/Tar/Gzip) slip vulnerabilities.

25

SelfDefense. Several self-defense shellcodes

23

sub7. Clone of https://gitlab.com/illwill/sub7 repo.

20

crc32_api. Assembly API block that uses CRC32 for resolving Windows API function addresses

19

MSF-Self-Defence. Self defense post module for metasploit

17

AgentTesla_RCE. AgentTesla botnet C&C RCE exploit.

16

meterpreter. Basic multi platform meterpreter loader module.

16

AzorultDecryptor. Brute-force script for finding azorult XOR key.

14

MSF-Telegram-Notify. Telegram notification for metasploit sessions.

14

Injector. Simple shellcode injector.

13

KPOT-Decryptor. Tool for finding KPOT XOR key using known-plaintext attack.

13

keystone-go. Keystone binding for golang

13

BitBender. BitBender is a byte manipulation tool

12

CVE-2022-29154. HIP2022 presentation materials.

9

urlscan-go. URLScan Go API client

7

poe2-whisper-bot. Telegram bot for redirecting POE2 trade messages.

6

CVE-2018-8065. Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit

6

PEzor. Read the blog post here: https://iwantmore.pizza/posts/PEzor.html

6

No-Consolation. A BOF that runs unmanaged PEs inline

6

LdrLibraryEx. A small x64 library to load dll's into memory.

5

ARMBot_RCE. ARM Bot RCE Exploit.

5

malware-1. Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.

5

Saddam. DDoS Amplification Tool

5

Botnet. Botnet

5

Crypter. Windows Crypter

4

ransomware. A windows crypto-ransomware (Academic)

4

COFF-Loader. A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader

4

hidden-tear. ransomware open-sources

4

metasploit-framework. Metasploit Framework

4

DreamLoader. Simple 32/64-bit PEs loader.

4

spy-extension. A Chrome extension that will steal literally everything it can

4

ShellcodeTemplate. An easily modifiable shellcode template for Windows x64/x86

4

machineid. Get the unique machine id of any host (without admin privileges)

3

Cpp-Keylogger. Advanced keylogger made in C++ that works on Window 7, 8, 8.1, And 10 - Use at your own discretion

3

GoDefender. Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

3

AtomPePacker. A Highly capable Pe Packer

3

LG-Smart-IP-Device-Backup-Download. Exploit for downloading backup files from LG Smart IP Devices.

2

tracee. Linux Runtime Security and Forensics using eBPF

2

Nidhogg. Nidhogg is an all-in-one simple to use rootkit for red teams.

2

MicroBackdoor. Small and convenient C2 tool for Windows targets

2

TurkoRat. Fully undetected grabber (grabs wallets, passwords, cookies, modifies discord client etc.)

2

kopycat. Linux Kernel module-less implant (backdoor)

2
59
Apply