Go shellcode loader that combines multiple evasion techniques

Deep kubernetes visibility from the kubectl

OCI hook to trace syscalls and generate a seccomp profile

🪛 It's strace, with colours.

🌐 Interact with browser from Go. Manually crafted WebAPI interoperation library.

⚗️ Intercept stdin/stdout/stderr for any process

Linux Subsystem for FreeBSD (😈 on 🐧)

Golang Linux memfd library

A suite of tools for disassembly, ROP, and binary analysis written in Go

Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.

A Go program that uses winmm.dll to record audio to a WAV file.

dock try to re-implement docker 🐳

go-native-syscall is Go (+ asm) Windows syscall library that resolves, hashes, caches, and invokes direct (and indirect now) NT calls without going through the win api layer traditionally

strace-perfetto runs strace and converts the raw output to a Trace Event JSON file. The JSON file can then be analyzed using Google's Perfetto UI

Utility to set desktop wallpaper for Windows, [Mac & Linux WIP!]

Job worker service that provides an API to run arbitrary Linux processes.

get windows system call number dynamically

fun way to proxy syscalls or regular function calls through vulkan-1.dll

一个基于go写的shellcode_load. Advanced modular evasion loader for Windows x64. Features Build Tag-based isolation, Indirect Syscalls, Telemetry Blinding (ETW/AMSI), and robust Call Stack Spoofing to thwart EDR stack analysis.