Stars
CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…
not a reverse-engineered version of the Cobalt Strike Beacon
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)
A tool for manually or automatically patching shellcode into a binary file in order to bypass AV.
A comprehensive network security detection and operations tool, designed for rapid asset discovery, identification and detection. It builds a baseline asset information repository to help in-house (client-side) security teams or security operations staff effectively reconnoiter and search their assets and discover existing weak points and attack surface.
⚡ Create infinite UAC prompts forcing a user to run as admin ⚡
Remove AV/EDR kernel callbacks: ObRegisterCallbacks, CmRegisterCallback, MiniFilter callbacks, PsSetCreateProcessNotifyRoutine, PsSetCreateThreadNotifyRoutine, PsSetLoadImageNotifyRoutine...
Gel4y-Mini-Shell-Backdoor-Decode
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
A slightly more fun way to disable Windows Defender + Firewall (through the WSC API).
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.
Shikata ga nai (仕方がない) encoder ported to Go with several improvements