DamonMohammadbagher

Security Researcher "https://damonmohammadbagher.github.io" , "https://medium.com/@damonmohammadbagher"

Pinned Repositories

BEV4
BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detections via yaml files
Language:C#16 3 05
eBook-BypassingAVsByCSharp
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
464 34 3137
eBook_Bypassing-Antiviruses-by-C-Programming-v2.0
bypassing Anti-viruses by csharp programming v2.0
10 0 10
ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Language:C#292 10 067
Meterpreter_Payload_Detection
Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
Language:C#160 13 364
NativePayload_CBT
NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
Language:C#114 7 019
NativePayload_DNS
C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses
Language:C#266 18 5100
NativePayload_Reverse_tcp
Meterpreter Encrypted Payload by C#
Language:C#161 12 463
NativePayloads
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
Language:C#225 5 040
Some_Pentesters_SecurityResearchers_RedTeamers
Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...
104 10 126

DamonMohammadbagher's Repositories

DamonMohammadbagher/eBook-BypassingAVsByCSharp
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
464 34 3137
DamonMohammadbagher/ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Language:C#292 10 067
DamonMohammadbagher/NativePayloads
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
Language:C#225 5 040
DamonMohammadbagher/NativePayload_Reverse_tcp
Meterpreter Encrypted Payload by C#
Language:C#161 12 463
DamonMohammadbagher/NativePayload_CBT
NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
Language:C#114 7 019
DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers
Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...
104 10 126
DamonMohammadbagher/FakeFileMaker
Social Engineering: Simple way to make a fake file for Backdoors
Language:C#24 4 021
DamonMohammadbagher/BEV4
BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detections via yaml files
Language:C#16 3 05
DamonMohammadbagher/NativePayload_DIM
NativePayload_DIM Dynamic native dll Injection in Memory , Injecting Native DLL bytes to local Process
Language:C#12 1 11
DamonMohammadbagher/NativePayload_TiACBT
NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)
Language:C#12 2 01
DamonMohammadbagher/NativePayload_DCP
Compiling Csharp in-memory and Execute to bypass AVs
Language:C#11 1 02
DamonMohammadbagher/eBook_Bypassing-Antiviruses-by-C-Programming-v2.0
bypassing Anti-viruses by csharp programming v2.0
10 0 10
DamonMohammadbagher/Exfiltration-and-Uploading-DATA-by-DNS-Traffic-AAAA-Records-
Pdf File : Exfiltration and Uploading DATA by DNS Traffic (AAAA Records)
10 2 017
DamonMohammadbagher/NativePayload_LocalCreateThread7
Chunking CobaltStrike Payloads + Jump Method
Language:C#9 1 21
DamonMohammadbagher/RedbudTree
DNS IPv6 Request Listener (UDP Port 53) for Detecting Exfiltration DATA via IPv6 DNS AAAA Record Requests
Language:C#9 2 08
DamonMohammadbagher/backdoorppt
transform your payload.exe into one fake word doc (.ppt)
Language:Shell8 2 07
DamonMohammadbagher/damonmohammadbagher.github.io
Language:HTML8 2 03
DamonMohammadbagher/FSWatch
File System Watcher via C# (Monitoring File Activity , Create/Delete/Change/Rename events + some Activity like Size/Attribute/Security Changes & LastAccess, LastWrite etc...)
Language:C#8 3 03
DamonMohammadbagher/NativePayload_CTX
NativePayload_CTX Create Thread via _beginthreadex function in msvcrt.dll
Language:C#8 1 0
DamonMohammadbagher/Payload-hiding-Method-via-Infecting-Target-Process-Memory
Language:HTML7 3 09
DamonMohammadbagher/NativePayload_CDynApp3
Loading Csharp C2 Client-side codes in RAM by Very Simple New Technique to avoid Detection
Language:C#6 1 0
DamonMohammadbagher/NativePayload_NetMonitor
NativePayload_NetMonitor Monitoring NetworkTraffic over [ICMP/ARP/TCP/UDP + HTTP + DNS] by ws2_32.dll Windows Sockets Library
Language:C#6
DamonMohammadbagher/NativePayload_RefPtr1
NativePayload_RefPtr1 Indirect call csharp method in memory [without call c# method in source code directly]
Language:C#6 1 0
DamonMohammadbagher/NativePayload_ASM3
NativePayload_ASM/AsynASM , Injecting Meterpreter Payload bytes into local Process via Delegation Technique [Technique D] + in-memory with delay Changing RWX to X [Bypassing AVs]
Language:C#5 1 02
DamonMohammadbagher/Manifest-Creator
C# tool for make XML report from Network Hosts (report contains: Cpu,Bios,Motherboard,Vga,Sound,Hdd,Ram,Display-Monitor,IpAddress,Os,Users,...)
Language:C#4 2 02
DamonMohammadbagher/NativePayload_JMP4
in C# you can use Emit(Opcodes.jmp,TargetMethod) in your codes without writing any asm bytes in code to jump to pointer of TargetMethod or (MethodInfo) to run in-memory via Emit(Opcodes.jmp, method) in system.reflection namespace
Language:C#3 1 0
DamonMohammadbagher/DamonMohammadbagher
2 2 01
DamonMohammadbagher/NativePayload_DYN
Compiling Csharp in-memory and Execute to bypass AVs
Language:C#2 1 01
DamonMohammadbagher/NativePayload_PingSend
NativePayload_PingSend send data/string (exfiltration) to destination ip via icmp ping packets
Language:C#1 1 0
DamonMohammadbagher/NativePayload_Call4
NativePayload_Call4 Emit Call Method + Indirect Invoke C# Method "Emit(Opcodes.Call)" instead "Emit(Opcodes.Jmp)"
Language:C#