Ducknobee

Ducknobee's Stars

• owasp-modsecurity/ModSecurity

  ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

  Language:C++8.1k1.6k

• apernet/OpenGFW

  OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux

  Language:Go9.6k721

• BlackINT3/none

  UNONE and KNONE is a couple of open source base library that makes it easy to develop software on Windows.

  Language:C++14243

• TideSec/BypassAntiVirus

  远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

  Language:XSLT4.5k1.2k

• nek0YanSu/CheckVM-Sandbox

  source code

  Language:C++18140

• ZanderChang/anti-sandbox

  Windows对抗沙箱和虚拟机的方法总结

  Language:C++38138

• vvmdx/Sec-Interview-4-2023

  一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~

  2.4k314

• Ne0nd0g/merlin

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

  Language:Go5.1k801

• emilyanncr/Windows-Post-Exploitation

  Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

  521117

• BishopFox/sliver

  Adversary Emulation Framework

  Language:Go8.3k1.1k

• n1nj4sec/pupy

  Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

  Language:Python8.4k1.8k

• xinyugit/KmdManager

  dirver loader tool

  Language:C176

• mgeeky/ThreadStackSpoofer

  Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

  Language:C++1k172

• CCob/ThreadlessInject

  Threadless Process Injection using remote function hooking.

  Language:C#71580

• qi4L/Unhooker-go

  EDR绕过demo

  Language:Go28135

• Airboi/bypass-av-note

  免杀技术大杂烩---乱拳也打不死老师傅

  1.1k173

• skyw4tch3r/RootKits-List-Download

  This is the list of all rootkits found so far on github and other sites.

  1.3k384

• ciyze0101/Windows-Rootkits

  Language:C469173

• gtworek/Priv2Admin

  Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

  1.9k267

• SaadAhla/HeapCrypt

  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap

  Language:C++23643

• HavocFramework/Havoc

  The Havoc Framework.

  Language:Go6.7k950

• itm4n/PrintSpoofer

  Abusing impersonation privileges through the "Printer Bug"

  Language:C1.9k330

• TheWover/donut

  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

  Language:C3.5k628

• S3cur3Th1sSh1t/MultiPotato

  Language:C++49889

• jthuraisamy/SysWhispers

  AV/EDR evasion via direct system calls.

  Language:Assembly1.8k264

• jthuraisamy/SysWhispers2

  AV/EDR evasion via direct system calls.

  Language:Assembly1.5k234

• med0x2e/ExecuteAssembly

  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).

  Language:C++539107

• makoto56/penetration-suite-toolkit

  本项目制作的初衷是帮助渗透新手快速搭建工作环境，工欲善其事，必先利其器。

  2.5k360

• tib36/PhishingBook

  红蓝对抗：钓鱼演练资源汇总&备忘录

  95998

• alphaSeclab/awesome-rat

  RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

  1.8k430