Skip to content
@Maldev-Academy

Maldev Academy

A learning academy offering module-based offensive security training and resources

Pinned Loading

  1. MaldevAcademyLdr.2 MaldevAcademyLdr.2 Public

    RunPE implementation with multiple evasive techniques (2)

    C 277 36

  2. DumpBrowserSecrets DumpBrowserSecrets Public

    Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

    C 631 88

  3. ExecutePeFromPngViaLNK ExecutePeFromPngViaLNK Public

    Extract and execute a PE embedded within a PNG file using an LNK file.

    Python 465 77

  4. TrapFlagForSyscalling TrapFlagForSyscalling Public

    Bypass user-land hooks by syscall tampering via the Trap Flag

    C 137 21

  5. AlphabeticalPolyShellGen AlphabeticalPolyShellGen Public

    Generate an Alphabetical Polymorphic Shellcode

    C 137 25

  6. ElectronVulnScanner ElectronVulnScanner Public

    Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.

    C 155 11

Repositories

Showing 10 of 22 repositories
  • QRSteganography Public

    Encodes arbitrary data into one or more QR code PNGs and decodes them back as a form of steganography for data obfuscation.

    Maldev-Academy/QRSteganography’s past year of commit activity
    C 38 MIT 6 0 0 Updated Mar 10, 2026
  • DumpBrowserSecrets Public

    Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX, and Vivaldi)

    Maldev-Academy/DumpBrowserSecrets’s past year of commit activity
    C 631 MIT 88 0 0 Updated Feb 14, 2026
  • GitLabDeviceCodePhishing Public

    A tool to easily perform GitLab Device Code Phishing on red team engagements

    Maldev-Academy/GitLabDeviceCodePhishing’s past year of commit activity
    Python 49 MIT 3 0 0 Updated Feb 9, 2026
  • GitHubDeviceCodePhishing Public

    A tool to easily perform GitHub Device Code Phishing on red team engagements

    Maldev-Academy/GitHubDeviceCodePhishing’s past year of commit activity
    Python 88 MIT 11 0 0 Updated Feb 9, 2026
  • PrefetchFileParser Public

    A lightweight Windows Prefetch file parser to extract programs' execution history

    Maldev-Academy/PrefetchFileParser’s past year of commit activity
    C 68 MIT 8 0 0 Updated Jan 12, 2026
  • DumpChromeSecrets Public archive

    Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

    Maldev-Academy/DumpChromeSecrets’s past year of commit activity
    C 556 MIT 77 0 0 Updated Jan 8, 2026
  • GhostlyHollowingViaTamperedSyscalls2 Public

    Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection

    Maldev-Academy/GhostlyHollowingViaTamperedSyscalls2’s past year of commit activity
    C 72 MIT 14 0 0 Updated Dec 26, 2025
  • ElectronVulnScanner Public

    Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.

    Maldev-Academy/ElectronVulnScanner’s past year of commit activity
    C 155 MIT 11 0 0 Updated Nov 28, 2025
  • MaldevAcademyLdr.2 Public

    RunPE implementation with multiple evasive techniques (2)

    Maldev-Academy/MaldevAcademyLdr.2’s past year of commit activity
    C 277 MIT 36 0 0 Updated Sep 25, 2025
  • TrapFlagForSyscalling Public

    Bypass user-land hooks by syscall tampering via the Trap Flag

    Maldev-Academy/TrapFlagForSyscalling’s past year of commit activity
    C 137 MIT 21 0 0 Updated Aug 25, 2025
View all repositories

Top languages

C Python