Encrypted PE Loader Generator
https://github.com/frkngksl/Huan
KaynLdr is a Reflective Loader written in C/ASM
https://github.com/Cracked5pider/KaynLdr
Evasive shellcode loader for bypassing event-based injection detection
https://github.com/xuanxuan0/DripLoader
Red Team Tools keylogger free version, x86 & x64, bypass AV and CobaltStrike version 4.4
password: HelloWorld
https://github.com/angels520/redteamT00ls
Bug Bounty Automation With Python.pdf
Cheatsheet for Pentest and Red Team
https://github.com/Ignitetechnologies/bugbounty
A list of resources for those interested in getting started in bug bounties
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
php kill-free webshell
https://github.com/xzajyjs/Anti-Virus-PHP
Phpstudy RCE EXP
https://github.com/xzajyjs/phpstudy_Backdoor-EXP
CLI program to analyze DNS queries
https://github.com/jvns/tiny-resolver
Website FingerPrint Recognition
https://github.com/hakuQAQ/Holmes
Active Directory & Red-Team Cheat-Sheet in constant expansion
https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
A collection of awesome one-liner scripts for bug bounty hunting
https://github.com/litt1eb0yy/One-Liner-Scripts
C# implementation of the token privilege removal flaw discovered by: GabrielLandau / Elastic
https://github.com/MartinIngesen/TokenStomp
Emerging Threat of Containerized Malware
https://github.com/mgeeky/PackMyPayload
High speed passive DNS collector with dnstap support, dns traffic sniffer and more
https://github.com/dmachard/dns-collector
Red Team Resources
https://github.com/Digit4lBytes/RedTeam
Advanced-Process-Injection-Workshop by CyberWarFare Labs
https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop
A story of leaking uninitialized memory from Fastly
https://medium.com/@emil.lerner/leaking-uninitialized-memory-from-fastly-83327bcbee1f
Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require
https://tfp0labs.com/blog/unix-pipes-exploitation
A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery
https://fuzzinglabs.com/wp-content/uploads/2022/02/Beaconfuzz_OffensiveCon2022_patrick_ventuzelo.pdf
Attacking JavaScript Engines in 2022
https://saelo.github.io/presentations/offensivecon_22_attacking_javascript_engines.pdf
Qbot needs only 30 minutes to steal credentials
https://thedfirreport.com/2022/02/07/qbot-likes-to-move-it-move-it
PrivateLoader spreads Smokeloader, Redline, Vidar malware
https://intel471.com/blog/privateloader-malware
PoC CVE-2022-22718 Windows Print Spooler Elevation of Privilege Vulnerability LPE
https://github.com/ly4k/SpoolFool
CVE-2022-20699 Cisco Anyconnect VPN unauth RCE (rwx stack)
https://github.com/Audiobahn/CVE-2022-20699
PoC CVE-2022-21241 CSV+ 0.8.0 - Arbitrary Code Execution
https://github.com/satoki/csv-plus_vulnerability
PoC CVE-2022-21877 information leak inside the spaceport.sys driver
https://github.com/Big5-sec/cve-2022-21877
An analysis of CVE-2022-21877
https://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877
Exploring Windows UAC Bypasses
https://elastic.github.io/security-research/whitepapers/2022/02/03.exploring-windows-uac-bypass-techniques-detection-strategies/article
PPE - Poisoned Pipeline Execution
Running malicious code in your CI, without access to your CI
https://medium.com/cider-sec/ppe-poisoned-pipeline-execution-34f4e8d0d4e9
How Docker Made Me More Capable and the Host Less Secure
https://www.cyberark.com/resources/threat-research-blog/how-docker-made-me-more-capable-and-the-host-less-secure