ACL Viewer for Windows

A very simple open source implementation of Google's Project Naptime

Reverse engineering winapi function loadlibrary.

Integrate cutting-edge LLM technology quickly and easily into your apps

Collection of awesome LLM apps with AI Agents and RAG using OpenAI, Anthropic, Gemini and opensource models.

Agent Laboratory is an end-to-end autonomous research workflow meant to assist you as the human researcher toward implementing your research ideas

A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering

DEFCON 27 workshop - Modern Debugging with WinDbg Preview

Claude Engineer is an interactive command-line interface (CLI) that leverages the power of Anthropic's Claude-3.5-Sonnet model to assist with software development tasks.This framework enables Claud…

Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)

Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book

Azure Client Tools

Device Management Client for Windows IoT Core

Deviare In Process Instrumentation Engine

Recovering NTLM hashes from Credential Guard

CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

haha winmd machine go brrrr

Access large language models from the command-line

A BOF that runs unmanaged PEs inline

Centralized resource for listing and organizing known injection techniques and POCs

ETW patching for dummies

List the ETW provider(s) in the registration table of a process.

Comprehensive toolkit for Ghidra headless.

Offensive RPC PoC

A tool for automating the installation of the Microsoft Windows operating system on various device platforms.