Pinned Repositories
7a6570.github.io
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
al-khaser
Al-khaser is a PoC malware with good intentions that aims to stress your malware analysis / sandbox environment
amber
Reflective PE packer.
AndrewSpecial
AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
antivmdetection
Script to create templates to use with VirtualBox to make VM detection harder
apiscout
This project aims at simplifying Windows API import recovery on arbitrary memory dumps
challenges
Collection of solved challenges
7a6570's Repositories
7a6570/challenges
Collection of solved challenges
7a6570/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
7a6570/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
7a6570/antivmdetection
Script to create templates to use with VirtualBox to make VM detection harder
7a6570/apiscout
This project aims at simplifying Windows API import recovery on arbitrary memory dumps
7a6570/beacon
Former attempt at creating an independent Cobalt Strike Beacon
7a6570/BlobRunner
Quickly debug shellcode extracted during malware analysis
7a6570/bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
7a6570/BruteRatel-DetectionTools
A collection of Tools and Rules for decoding Brute Ratel C4 badgers
7a6570/cyberchef-recipes
A list of cyber-chef recipes and curated links
7a6570/findyara-ida
IDA python plugin to scan binary with Yara rules
7a6570/grap
grap: define and match graph patterns within binaries
7a6570/Hunt-Sleeping-Beacons
Aims to identify sleeping beacons
7a6570/immersive-labs-volatility_plugins
Volatility 3 Plugins
7a6570/KernelCallbackTable-Injection
Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
7a6570/Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
7a6570/Nimcrypt2
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
7a6570/Obfuscate
Guaranteed compile-time string literal obfuscation header-only library for C++14
7a6570/osx_keylogger
A no-frills keylogger for macOS.
7a6570/patriot
7a6570/perses
X86 Mutation Engine with Portable Executable compatibility.
7a6570/physmem_drivers
A collection of various vulnerable (mostly physical memory exposing) drivers.
7a6570/ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
7a6570/simple-php-web-shell
Tiny PHP Web shell for executing unix commands from web page
7a6570/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
7a6570/Stardust
A modern 64-bit position independent implant template
7a6570/Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
7a6570/vmprotect-3.5.1
7a6570/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
7a6570/x64dbgida
Official x64dbg plugin for IDA Pro.