pinjectra
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
SirepRAT
Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
EDRaser
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
pwndsh
Post-exploitation framework (and an interactive shell) developed in Bash shell scripting
pacdoor
Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File
pyekaboo
Proof-of-concept program that is able to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable
Back2TheFuture
Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.
hAFL2
A kAFL based hypervisor fuzzer which fully supports nested VMs
CloudMiner
Execute code using Azure Automation service without getting charged
wd-pretender
SimpleBITSServer
A simple python implementation of a BITS server.
BITSInject
A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as the NT AUTHORITY/SYSTEM account
mkmalwarefrom
Proof-of-concept two-stage dropper generator that uses bits from external sources
spacebin
Spacebin is a proof-of-concept malware that exfiltrates data (from No Direct Internet Access environments) via triggering AV on the endpoint and then communicating back from the AV's cloud component.
CortexVortex
backdoros
backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
aikido_wiper
Spooler
DoubleDrive
A fully-undetectable ransomware that utilizes OneDrive to encrypt target files
AltFS
The Alternative Fileless File System
RSFW
Request Smuggling Firewall
HRS
cachetalk
Proof-of-concept program that is able to read and write arbitrary bits using HTTP server-side caching
BACE
Mapping of Binaries that allows Arbitrary Code Execution
CoWTools
Tools for analyzing Windows containers and breaking container isolation
blog-snippets
Repository of Code Snippets from various SafeBreach Blog posts