Skip to content
@Maldev-Academy

Maldev Academy

A learning academy offering module-based offensive security training and resources

Pinned Loading

  1. MaldevAcademyLdr.2 MaldevAcademyLdr.2 Public

    RunPE implementation with multiple evasive techniques (2)

    C 263 36

  2. DumpBrowserSecrets DumpBrowserSecrets Public

    Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

    C 259 54

  3. ExecutePeFromPngViaLNK ExecutePeFromPngViaLNK Public

    Extract and execute a PE embedded within a PNG file using an LNK file.

    Python 465 77

  4. TrapFlagForSyscalling TrapFlagForSyscalling Public

    Bypass user-land hooks by syscall tampering via the Trap Flag

    C 137 22

  5. AlphabeticalPolyShellGen AlphabeticalPolyShellGen Public

    Generate an Alphabetical Polymorphic Shellcode

    C 134 27

  6. ElectronVulnScanner ElectronVulnScanner Public

    Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.

    C 146 12

Repositories

Showing 10 of 19 repositories
  • DumpChromeSecrets Public archive

    Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

    Maldev-Academy/DumpChromeSecrets’s past year of commit activity
    C 522 MIT 73 0 0 Updated Jan 8, 2026
  • DumpBrowserSecrets Public

    Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX, and Vivaldi)

    Maldev-Academy/DumpBrowserSecrets’s past year of commit activity
    C 259 MIT 54 0 0 Updated Jan 7, 2026
  • GhostlyHollowingViaTamperedSyscalls2 Public
    Maldev-Academy/GhostlyHollowingViaTamperedSyscalls2’s past year of commit activity
    C 63 MIT 15 0 0 Updated Dec 26, 2025
  • GitHubDeviceCodePhishing Public

    A tool to easily perform GitHub Device Code Phishing on red team engagements

    Maldev-Academy/GitHubDeviceCodePhishing’s past year of commit activity
    Python 74 MIT 11 0 0 Updated Dec 8, 2025
  • ElectronVulnScanner Public

    Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.

    Maldev-Academy/ElectronVulnScanner’s past year of commit activity
    C 146 MIT 11 0 0 Updated Nov 28, 2025
  • MaldevAcademyLdr.2 Public

    RunPE implementation with multiple evasive techniques (2)

    Maldev-Academy/MaldevAcademyLdr.2’s past year of commit activity
    C 263 MIT 36 0 0 Updated Sep 25, 2025
  • TrapFlagForSyscalling Public

    Bypass user-land hooks by syscall tampering via the Trap Flag

    Maldev-Academy/TrapFlagForSyscalling’s past year of commit activity
    C 137 MIT 22 0 0 Updated Aug 25, 2025
  • AlphabeticalPolyShellGen Public

    Generate an Alphabetical Polymorphic Shellcode

    Maldev-Academy/AlphabeticalPolyShellGen’s past year of commit activity
    C 134 MIT 27 0 0 Updated Aug 19, 2025
  • Alphabetfuscation Public

    Convert your shellcode into an ASCII string

    Maldev-Academy/Alphabetfuscation’s past year of commit activity
    C 124 MIT 30 0 0 Updated Jun 27, 2025
  • HookingLsassForCredentials Public Forked from NUL0x4C/HookingLsassForCredentials

    Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials

    Maldev-Academy/HookingLsassForCredentials’s past year of commit activity
    C 54 MIT 19 0 0 Updated May 12, 2025
View all repositories

Top languages

C Python