rabbitstack
Follow
Stars
Open source Tines / Splunk SOAR alternative. All-in-one automation platform (workflows, tables, cases) for security and IT teams.
A repository of all code from Introduction to System Programming in Linux, by Stewart Weiss
This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit type coercion
Evasive shellcode loader for bypassing event-based injection detection (PoC)
A modern 32/64-bit position independent implant template
Also known by Microsoft as Knifecoat 🌶️
Light Blue React Template - Admin Dashboard Template built with React
Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
This repo covers some code execution and AV Evasion methods for Macros in Office documents
A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks
SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour…
PoC capable of detecting manual syscalls from usermode.
My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.
CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
Tabler is free and open-source HTML Dashboard UI Kit built on Bootstrap
delegated, decentralized, capabilities based authorization token
RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
🐜🐜🐜 ants is the most powerful and reliable pooling solution for Go.
A few custom rules for the Fibratus tool (https://github.com/rabbitstack/fibratus)
Loads any C# binary in mem, patching AMSI + ETW.
A fucking real shellcode loader with a GUI. Work-in-Progress.
PoC for thread pool based process injection in Windows.