KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Public open-source code of malware Stuxnet (aka MyRTUs).

Nginx 18.1 04/09/22 zero-day repo

Curating Falco rules with MITRE ATT&CK Matrix

Latest ios RCE Vulnerability disclosed by Google Security Researcher

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

Discord client zero-click RCE

C++ malware specifically built to extract Discord authentication tokens and personally identifying information.

How to develop your own zero day vulnerabilities for iOS

Log4Shell Zero-Day Exploit Proof of Concept

"Otax", a popularized shitty discord zero-day exploit. A bullshit writeup on it was released by a larper called HellSec.

📜 This script uses steganography and a Discord client vulnerability in order to run javascript on all computers viewing a certain image within Discord.

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

A python based exploit to test out rapid reset attack (CVE-2023-44487)

This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.

Zero-Day Vulnerability in File Manager Plugin 6.7 ( CVE 2020-25213 )

Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems

Recently, it was discovered that Microsoft client operating systems released in the past 2.5 years are susceptible to a zero-day flaw in how permissions are implemented on a critical system folder. The code in the repository implements the steps documented by Microsoft as the remediation for the vulnerability, including setting permissions and d…

Latest working elevation of privilege exploit by Tavis Ormandy from Google's Project Zero Team