sgn. Shikata ga nai (仕方がない) encoder ported into go with several improvements
2kamber. Reflective PE packer.
1.4kHERCULES. HERCULES is a special payload generator that can bypass antivirus softwares.
601deoptimizer. Evasion by machine code de-optimization.
428EGESPLOIT. EGESPLOIT is a golang library for malware development
339evilreplay. Seamless remote browser session control
235Cminer. Cminer is a tool for enumerating the code caves in PE files.
155Keylogger. Simple C++ Keylogger...
147ARCANUS. ARCANUS is a customized payload generator/handler.
144WSAAcceptBackdoor. Winsock accept() Backdoor Implant.
118Hook_API. Assembly block for hooking windows API functions.
97IAT_API. Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
85Mass-Hacker-Arsenal. Massive arsenal of hacker tools...
83The-Eye. Simple security surveillance script for linux distributions.
60syscall_api. Assembly
38MapPE. PE file mapping and manipulation package.
36Ticketbleed. This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.
30zippo. Zippo is a archive payload generator for testing XSS, (Zip/Tar/Gzip) slip vulnerabilities.
25SelfDefense. Several self-defense shellcodes
23sub7. Clone of https://gitlab.com/illwill/sub7 repo.
20crc32_api. Assembly API block that uses CRC32 for resolving Windows API function addresses
19MSF-Self-Defence. Self defense post module for metasploit
17AgentTesla_RCE. AgentTesla botnet C&C RCE exploit.
16meterpreter. Basic multi platform meterpreter loader module.
16AzorultDecryptor. Brute-force script for finding azorult XOR key.
14MSF-Telegram-Notify. Telegram notification for metasploit sessions.
14Injector. Simple shellcode injector.
13KPOT-Decryptor. Tool for finding KPOT XOR key using known-plaintext attack.
13keystone-go. Keystone binding for golang
13BitBender. BitBender is a byte manipulation tool
12CVE-2022-29154. HIP2022 presentation materials.
9urlscan-go. URLScan Go API client
7poe2-whisper-bot. Telegram bot for redirecting POE2 trade messages.
6CVE-2018-8065. Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit
6PEzor. Read the blog post here: https://iwantmore.pizza/posts/PEzor.html
6No-Consolation. A BOF that runs unmanaged PEs inline
6LdrLibraryEx. A small x64 library to load dll's into memory.
5ARMBot_RCE. ARM Bot RCE Exploit.
5malware-1. Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
5Saddam. DDoS Amplification Tool
5Botnet. Botnet
5Crypter. Windows Crypter
4ransomware. A windows crypto-ransomware (Academic)
4COFF-Loader. A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
4hidden-tear. ransomware open-sources
4metasploit-framework. Metasploit Framework
4DreamLoader. Simple 32/64-bit PEs loader.
4spy-extension. A Chrome extension that will steal literally everything it can
4ShellcodeTemplate. An easily modifiable shellcode template for Windows x64/x86
4machineid. Get the unique machine id of any host (without admin privileges)
3Cpp-Keylogger. Advanced keylogger made in C++ that works on Window 7, 8, 8.1, And 10 - Use at your own discretion
3GoDefender. Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
3AtomPePacker. A Highly capable Pe Packer
3LG-Smart-IP-Device-Backup-Download. Exploit for downloading backup files from LG Smart IP Devices.
2tracee. Linux Runtime Security and Forensics using eBPF
2Nidhogg. Nidhogg is an all-in-one simple to use rootkit for red teams.
2MicroBackdoor. Small and convenient C2 tool for Windows targets
2TurkoRat. Fully undetected grabber (grabs wallets, passwords, cookies, modifies discord client etc.)
2kopycat. Linux Kernel module-less implant (backdoor)
2