Pinned Repositories
AmsiScanBufferBypass
Circumvent AMSI by patching AmsiScanBuffer
AssemblyLoader
Loads .NET Assembly Via CLR Loader
bof-NetworkServiceEscalate
Abuses the Shared Logon Session ID Issue (Described [here](https://www.tiraniddo.dev/2020/04/sharing-logon-session-little-too-much.html) by the awesome James Forshaw) To Achieve System From NetworkService. Can be used as a "getsystem" as well
building-c2-implants-in-cpp
The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogunlab).
cs-rdll-ipc-example
Example code for using named pipe output with beacon ReflectiveDLLs
defcon-25-workshop
Windows Post-Exploitation / Malware Forward Engineering DEF CON 25 Workshop
dll-hijack-by-proxying
Exploiting DLL Hijacking by DLL Proxying Super Easily
dnscat2
GhostLoader
GhostLoader - AppDomainManager - Injection - Ghost in the Shell
wart
753c33686578's Repositories
753c33686578/wart
753c33686578/AmsiScanBufferBypass
Circumvent AMSI by patching AmsiScanBuffer
753c33686578/AssemblyLoader
Loads .NET Assembly Via CLR Loader
753c33686578/bof-NetworkServiceEscalate
Abuses the Shared Logon Session ID Issue (Described [here](https://www.tiraniddo.dev/2020/04/sharing-logon-session-little-too-much.html) by the awesome James Forshaw) To Achieve System From NetworkService. Can be used as a "getsystem" as well
753c33686578/building-c2-implants-in-cpp
The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogunlab).
753c33686578/cs-rdll-ipc-example
Example code for using named pipe output with beacon ReflectiveDLLs
753c33686578/dll-hijack-by-proxying
Exploiting DLL Hijacking by DLL Proxying Super Easily
753c33686578/dnscat2
753c33686578/GhostLoader
GhostLoader - AppDomainManager - Injection - Ghost in the Shell
753c33686578/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
753c33686578/Malware-Analysis-Training
Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.
753c33686578/mcfridafee
753c33686578/Misc-Powershell-Scripts
Random Tools
753c33686578/mkhtaccess_red
Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been seen before, and redirects them to a benign payload.
753c33686578/MSBuildAPICaller
MSBuild Without MSBuild.exe
753c33686578/Net-GPPPassword
.NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy Preferences.
753c33686578/PELoader
Load PE via XML Attribute
753c33686578/PENTESTING-BIBLE
This repository was created and developed by Ammar Amer @cry__pto only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files. Learn ethical hacking and penetration testing. Hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
753c33686578/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
753c33686578/Process-Hollowing
Great explanation of Process Hollowing (a Technique often used in Malware)
753c33686578/Random-CSharpTools
Collection of CSharp Assemblies focused on Post-Exploitation Capabilities
753c33686578/redshell
An interactive command prompt for red teaming and pentesting. Pushes commands through proxychains via Cobalt Strike beacon socks proxies or custom proxies. Automatically logs activities on a Cobalt Strike teamserver and/or local files.
753c33686578/sandbox-attacksurface-analysis-tools
Set of tools to analyze and attack Windows sandboxes.
753c33686578/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
753c33686578/Stardust
A modern 64-bit position independent implant template
753c33686578/subTee-gits-backups
subTee gists code backups
753c33686578/Suspending-Techniques
Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
753c33686578/vulcan
a tool to make it easy and fast to test various forms of injection
753c33686578/WinPwnage
UAC bypass, Elevate, Persistence and Execution methods
753c33686578/YouMayPasser
You shall pass