A comprehensive modern architecture model is proposed to integrate platform solutions and tooling to support a professional Red Team.

Shellcode packer for CTFs and pentest / red team exams aiming for AV evasion!

AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over the short term, while over the long term help AV/EDR vendors improve how they handle AHK scripts.

Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion

PandaCrypter is a C#-based tool designed to convert PowerShell scripts into obfuscated batch files (.bat) with encryption and additional features for execution control.

vulnerable drivers for windows machines.

Advanced shellcode loader with AES-256, EDR/AMSI/ETW bypass, indirect syscalls, evasion, early-bird APC injection and PPID spoofing.

A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-based detection research, and evasion analysis.

Another FAFO project: Weaponizing MSI installers for fileless code execution

An advanced Windows shell code loader and generator toolset featuring XOR encryption, debug protection, and GUI capabilities for penetration testing.

🧾 | Cybersecurity and CTF Resource that i gathered over the years

An advanced tool for bypassing EDR (Endpoint Detection and Response) systems and antivirus software by dynamically generating and injecting shellcode

Advanced Red Team Payload Obfuscator. A multi-layer evasion tool for PowerShell, Python, Bash, C#, and Go. Features Shannon Entropy analysis and real-time detection scoring.

Generator of techniques to evade AMSI in Windows. It uses random methods to generate code without signatures detectable by Windows Defender. Ideal for security research and AMSI bypass.

New Amsi Patching Update

Advanced Windows shellcode development framework with position-independent code generation, dynamic API resolution, and cross-architecture support for security research and penetration testing.

🔐 Load and execute XOR-encrypted shellcode on Windows with this efficient C++ and Python utility for enhanced security and customization.

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions

Tool for obfuscating payloads in hexadecimal format for evasion in security testing and Red Team engagements.