rabbitstack's Stars
eBPF-based autoinstrumentation of web applications and network metrics
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
Cross-platform library for binary debugging and memory hacking written in Rust
The production-scale datacenter profiler (C/C++, Go, Rust, Python, Java, NodeJS, .NET, PHP, Ruby, Perl, ...)
Retrieves data on 'editions' or 'comics' from Whakoom.
Monitors ETW for security relevant syscalls maintaining the set called by each unique process
Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…
A modern tool for Windows kernel exploration and tracing with a focus on security
A repository to share publicly available Velociraptor detection content
Research on Windows Kernel Executive Callback Objects
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…
lightweight, idiomatic and composable router for building Go HTTP services
PoC Implementation of a fully dynamic call stack spoofer
A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
A collection of tools, scripts and personal research
A memory-based evasion technique which makes shellcode invisible from process start to end.
Beautifully designed components that you can copy and paste into your apps. Accessible. Customizable. Open Source.
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)