Redacted research on Thunderbolt PCIe DMA bypass via firmware spoofing and commodity adapters. Privately disclosed to Riot Games (HackerOne #35330606) on Jan 29, 2026. Closed ineligible as "physical facilities" after 6 days with no human response. Shared defensively to help anticheat teams strengthen hardware protections against cheating.

This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes

Advanced, multi-path iOS exploitation framework (A5-A17). Integrates checkm8/checkm9 bootloader exploits, dyld memory corruption, and SparseRestore bypasses with automated forensic gathering and system repair suites.

🐉 Experience a detailed showcase of exploit discovery, analysis, reproduction, and documentation of five XSS vulnerabilities impacting an outdated WordPress version. 🔍💻📄

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

New generation of wmiexec.py

A small PoC for bpfdoor malware technique

n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0)

A New Exploitation Technique for Visual Studio Projects

The Havoc Framework

View contents of Visual Studio SUO files

This repository is a tool to create a .suo that when run by visual studio's will achieve code execution

PoC

Adversary Emulation Framework

Chrome WebGPU Use-After-Free (CWE-416) This toolkit is for security research and defensive verification around CVE-2026-5281. Patched Chrome version: 146.0.7680.178 Potentially vulnerable versions: anything below 146.0.7680.178

Windows LPE Nday

PoC for CVE-2025-22457

CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC