0xTriboulet
All code, software, writeups, and resources of any kind made available on my profile are under the AGPLv3 license unless otherwise noted.
Pinned Repositories
crackmes
Reverse engineering crackmes
Cycotic
A Python polymorphic engine for C programs
Havoc_3rd_Party_Support
The Havoc Framework. Preserves Revenant and 3rd Party functionality to the maximum extent possible.
OffensiveRust
Rust Weaponization for Red Team Engagements.
Red_Team_Code_Snippets
random code snippets, useful for getting started
Revenant
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
sleepmask-clion
A simple Sleepmask BOF example
T-1
T-1 is a shellcode loader that leverages ML techniques to detect VM environments
T-70
A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
ZeroTotal
A collection of source code, binaries, and compilation scripts designed to bypass detection
0xTriboulet's Repositories
0xTriboulet/Revenant
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
0xTriboulet/Red_Team_Code_Snippets
random code snippets, useful for getting started
0xTriboulet/T-70
A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
0xTriboulet/OffensiveRust
Rust Weaponization for Red Team Engagements.
0xTriboulet/ZeroTotal
A collection of source code, binaries, and compilation scripts designed to bypass detection
0xTriboulet/T-1
T-1 is a shellcode loader that leverages ML techniques to detect VM environments
0xTriboulet/Cycotic
A Python polymorphic engine for C programs
0xTriboulet/sleepmask-clion
A simple Sleepmask BOF example
0xTriboulet/crackmes
Reverse engineering crackmes
0xTriboulet/Havoc_3rd_Party_Support
The Havoc Framework. Preserves Revenant and 3rd Party functionality to the maximum extent possible.
0xTriboulet/angr
Angr experimentation
0xTriboulet/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
0xTriboulet/0xdarkvortex-MalwareDevelopment
This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/
0xTriboulet/CreateProcessInternalW-Full
Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11. Based on NtCreateUserProcess-Post
0xTriboulet/NtCreateUserProcess-Post
NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
0xTriboulet/Talon
(Demo) 3rd party agent for Havoc
0xTriboulet/vxlang-page
protector & obfuscator & code virtualizer
0xTriboulet/WindowSpy
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
0xTriboulet/phnt-single-header
Single header version of System Informer's phnt library.
0xTriboulet/0xtriboulet
0xTriboulet/aes_dust
Unlicensed tiny / small portable implementation of 128/256-bit AES encryption in C, x86, AMD64, ARM32 and ARM64 assembly
0xTriboulet/Crucible-Bear
0xTriboulet/LdrLibraryEx
A small x64 library to load DLLs into memory.
0xTriboulet/No-Consolation
A BOF that runs unmanaged PEs inline
0xTriboulet/pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
0xTriboulet/RtlClone
0xTriboulet/RustyEye
0xTriboulet/sleep_python_bridge
This project is a 'bridge' between the Sleep and Python languages. It allows the control of a Cobalt Strike teamserver through Python without the need for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing, and it is in no way an officially supported feature.
0xTriboulet/windows-defender
Malice Windows Defender AntiVirus Plugin