Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion

Working Set Page Cache side-channel IPC PoC

Cross-platform Rust rewrite of the GNU coreutils

Cloud subdomains identification tool

An open protocol enabling communication and interoperability between opaque agentic applications.

Disable DSE and WinTcb (without breaking DRM)

Research on WDEG (Windows Defender Exploit Guard) and its components.

A fast, secure MCP server that extends its capabilities through WebAssembly plugins.

Playwright Model Context Protocol Server - Tool to automate Browsers and APIs in Claude Desktop, Cline, Cursor IDE and More 🔌

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

A fast tool to scan CRLF vulnerability written in Go

Simple POC for a GCP App Engine C2 Forwarder

The batteries-included, No-Code FinOps automation platform.

Godot Engine – Multi-platform 2D and 3D game engine

[CVPR 2025 Oral] VGGT: Visual Geometry Grounded Transformer

Predatory ESP32 Firmware

Develop software autonomously.

UAC Bypass using UIAccess program QuickAssist

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

Automated web vulnerability scanning with LLM agents

An open source deep research clone. AI Agent that reasons large amounts of web data extracted with Firecrawl

Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.

Toolkit for linearizing PDFs for LLM datasets/training

DOM fuzzer

A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases…