A collection of common (interesting) cryptographic mistakes and learning resources.

Provide powerful tools for seccomp analysis

Automation for internal Windows Penetrationtest / AD-Security

An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap

GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries

Find the remote website version based on a git repository

An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

A series of posts about QEMU internals:

XSS'OR - Hack with JavaScript.

An impish, cross-platform binary parsing crate, written in Rust

Connect like there is no firewall. Securely.

A framework for constructing self-spreading binaries

Directory/File, DNS and VHost busting tool written in Go

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

FuZZan: Efficient Sanitizer Metadata Design for Fuzzing

PoC exploits for software vulnerabilities

Project page for "The Fuzzing Book"

Linux Kernel Hacking

Virtual-machine Translation Intermediate Language

A cat(1) clone with wings.

Tetris that fits into the boot sector.

Hash collisions and exploitations

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.