watson0x90

Watson watson0x90

13 followers · 105 following

Sponsoring

Achievements

Lists (8)

Sort

Starred repositories

45 stars written in C++

Clear filter

pybind / pybind11

Seamless operability between C++11 and Python

C++ 17,207 2,211 Updated Sep 1, 2025

JonathanSalwan / Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

C++ 3,849 559 Updated Aug 24, 2025

hasherezade / pe_to_shellcode

Converts PE into a shellcode

C++ 2,637 460 Updated Aug 30, 2025

JustasMasiulis / lazy_importer

library for importing functions from dlls in a hidden, reverse engineer unfriendly way

C++ 1,811 231 Updated Aug 3, 2023

aahmad097 / AlternativeShellcodeExec

Alternative Shellcode Execution Via Callbacks

C++ 1,615 319 Updated Nov 11, 2022

Meckazin / ChromeKatz

Dump cookies and credentials directly from Chrome/Edge process memory

C++ 1,314 125 Updated Aug 30, 2025

SafeBreach-Labs / PoolParty

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

C++ 1,167 160 Updated Dec 11, 2023

matthieu-hackwitharts / Win32_Offensive_Cheatsheet

Win32 and Kernel abusing techniques for pentesters

C++ 961 142 Updated Sep 3, 2023

skadro-official / skCrypter

Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+

C++ 780 122 Updated Jun 3, 2021

RedTeamOperations / Advanced-Process-Injection-Workshop

C++ 765 145 Updated Oct 17, 2023

efchatz / pandora

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

C++ 755 90 Updated Jan 9, 2025

frkngksl / Shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

C++ 746 94 Updated Apr 10, 2024

ZeroMemoryEx / Amsi-Killer

Lifetime AMSI bypass

C++ 641 90 Updated Sep 26, 2023

br-sn / CheekyBlinder

Enumerating and removing kernel callbacks using signed vulnerable drivers

C++ 575 109 Updated Jan 24, 2023

vxCrypt0r / Voidgate

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

C++ 569 87 Updated Jun 12, 2024

MalwareTech / EDR-Preloader

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

C++ 508 78 Updated Feb 13, 2024

WKL-Sec / Malleable-CS-Profiles

A list of python tools to help create an OPSEC-safe Cobalt Strike profile.

C++ 482 55 Updated May 19, 2025

Krypteria / AtlasLdr

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

C++ 377 62 Updated Oct 8, 2024

binderlabs / DirCreate2System

Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting

C++ 358 39 Updated Dec 19, 2022

CICADA8-Research / IHxExec

Process injection alternative

C++ 345 48 Updated Sep 6, 2024

deepinstinct / ContainYourself

A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.

C++ 316 42 Updated Aug 31, 2023

RedefiningReality / Cobalt-Strike

Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection

C++ 306 72 Updated May 17, 2024

hackerhouse-opensource / Marble

The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.

C++ 304 49 Updated Dec 30, 2023

lab52io / LeakedHandlesFinder

Leaked Windows processes handles identification tool

C++ 290 46 Updated Mar 14, 2022

VirtualAlllocEx / Create-Thread-Shellcode-Fetcher

This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (…

C++ 253 51 Updated May 25, 2023