Pinned Repositories
-0day-
针对《解密家用路由器0day漏洞挖掘技术》一书的相关笔记
-Ah-ANGRYORCHARD
A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
-Ah-blacklotus
A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
-Ah-bootdoor
Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE
-Ah-bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
-Ah-titanldr-ng
A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
-Ah-TransitionalPeriod
Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
-CSMOD-AM0N-Eye
-EventLogEraser-_windows_event_log_study
_A_H_ghost
A sample client/server architecture
827Dream's Repositories
827Dream/-Ah-ANGRYORCHARD
A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
827Dream/-Ah-blacklotus
A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
827Dream/-Ah-bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
827Dream/-Ah-titanldr-ng
A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
827Dream/-Ah-TransitionalPeriod
Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
827Dream/-CSMOD-AM0N-Eye
827Dream/-EventLogEraser-_windows_event_log_study
827Dream/_A_H_ghost
A sample client/server architecture
827Dream/_Ah_angryorchard-original
Original proof of concept I submitted to brokers demonstrating the vulnerability in hopes of getting rid of it.
827Dream/_Ah_krbtgs
old postex for grabbing a krbtgs for my current user
827Dream/AlanFramework
A C2 post-exploitation framework
827Dream/_A_h_grimreaper
A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
827Dream/_Ah_foliage
A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code
827Dream/_AH_preboot
Experiment with d_olex's firmware and conducting "preboot" attack
827Dream/_Ah_rogue
A barebones template of 'rogue' aka a simple recon and agent deployment I built to communicate over ICMP. Well, without the ICMP code.
827Dream/Blackbone
Windows memory hacking library
827Dream/BlackLotus
BlackLotus UEFI Windows Bootkit
827Dream/CHAOS
:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
827Dream/Chimera
827Dream/chisel
A fast TCP/UDP tunnel over HTTP
827Dream/EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
827Dream/GrabAccess
Bookit / Windows Login Password and Bitlocker Bypass Tool
827Dream/MIP
MIP – macOS Injection Platform
827Dream/Obligato
This project is an implant framework designed for long term persistent access to Windows machines.
827Dream/recorder
This is a screen recorder by ffmpeg that include desktop、speaker、mircphone.I will rewrite this project with c++ when star raised to 100!
827Dream/ReverseSock5Proxy
A tiny Reverse Sock5 Proxy written in C :V
827Dream/SubSeven
SubSeven Legacy Official Source Code Repository
827Dream/Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
827Dream/VMProtect-Source
Source of VMProtect (NOT OFFICIALLY)
827Dream/windows-nt5
It is the leaked source code of Windows NT 5 (Windows XP / Windows Server 2003) operating systems.