Pinned Repositories
amber
Reflective PE packer.
Cminer
Cminer is a tool for enumerating the code caves in PE files.
deoptimizer
Evasion by machine code de-optimization.
EGESPLOIT
EGESPLOIT is a golang library for malware development
evilreplay
Seamless remote browser session control
HERCULES
HERCULES is a special payload generator that can bypass antivirus software.
Hook_API
Assembly block for hooking Windows API functions.
IAT_API
Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file.
sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
WSAAcceptBackdoor
Winsock accept() Backdoor Implant.
EgeBalci's Repositories
EgeBalci/HERCULES
HERCULES is a special payload generator that can bypass antivirus software.
EgeBalci/kopycat
Linux Kernel module-less implant (backdoor)
EgeBalci/MicroBackdoor
Small and convenient C2 tool for Windows targets
EgeBalci/SARA
SARA - Simple Android Ransomware Attack
EgeBalci/SleepyCrypt
A shellcode function to encrypt a running process image when sleeping.
EgeBalci/ToRat
ToRat is a Remote Administration tool written in Go using Tor as a transport mechanism and RPC for communication
EgeBalci/tracee
Linux Runtime Security and Forensics using eBPF
EgeBalci/b374k
PHP Webshell with handy features
EgeBalci/CrossC2
Generate CobaltStrike's cross-platform payload
EgeBalci/archcraft
// Source : ISO
EgeBalci/Cobalt-Wipe
Cobalt wipe is the non-commercial version of Cobalt-Strike 4.3 (May 2021 Release)
EgeBalci/DarkLoadLibrary
LoadLibrary for offensive operations
EgeBalci/ExecuteAssembly
Load/Inject .NET assemblies by reusing the host (spawnto) process loaded CLR AppDomainManager, stomping Loader/.NET assembly PE DOS headers, unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).
EgeBalci/ghost
RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Viruses & Malware
EgeBalci/gsocket-relay
Global Socket Server
EgeBalci/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. A browser data export and decryption tool that runs on all platforms.
EgeBalci/HVNC
Standalone HVNC Client & Server | Coded in C++ (Modified Tinynuke)
EgeBalci/interactsh
An OOB interaction gathering server and client library
EgeBalci/Invoke-Bof
Load any Beacon Object File using Powershell!
EgeBalci/MacOSX-SDKs
A collection of those pesky SDK folders: MacOSX10.1.5.sdk thru MacOSX11.3.sdk
EgeBalci/mettle
This is an implementation of a native-code Meterpreter, designed for portability, embeddability, and low resource utilization.
EgeBalci/MyEtherWallet
MyEtherWallet (our friends call us MEW) is a free, client-side interface helping you interact with the Ethereum blockchain.
EgeBalci/NorthStarC2
Web Based Command Control Framework (C2) #C2 #PostExploitation #CommandControl #RedTeam #C2Framework #PHPC2 #.NETMalware #Malware #PHPMalware #CnC #infosec #offensivesecurity #Trojan
EgeBalci/RefleXXion
RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array.
EgeBalci/reqstress
A benchmarking and stressing tool that can send raw HTTP requests
EgeBalci/RunPE-In-Memory
Run an Exe File (PE Module) in memory (like an Application Loader)
EgeBalci/s6_pcie_microblaze
PCI Express DIY hacking toolkit for Xilinx SP605
EgeBalci/StormKitty
Stealer written in C#, logs will be sent to Telegram bot.
EgeBalci/TitanLdr
Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
EgeBalci/Trufflehog-Chrome-Extension