Stars
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
E-mails, subdomains and names Harvester - OSINT
Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
AV/EDR evasion via direct system calls.
A curated list of awesome resources related to executable packing
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
Template-Driven AV/EDR Evasion Framework
Callisto - An Intelligent Binary Vulnerability Analysis Tool
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
A collaborative, multi-platform, red teaming framework
PowerShell rebuilt in C# for Red Teaming purposes
Ransomware simulation script written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in a controlled setting.
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
-------> RAFEL<------ Android Rat Written in Java With WebPanel For Controlling Victims...Hack Android Devices
Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
metame is a metamorphic code engine for arbitrary executables
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.