Pinned Repositories
恶意代码分析实战程序-PracticalMalwareAnalysis-Labs-master
0day
EXPs and POCs for vulnerabilities in various CMSs, platforms, systems and software. This project will be updated continuously.
awesome-blackmagic
🎭 ♠♥ Clever tricks 💠 A grand collection of black magic ♦♣ 👺
bypass-av-note
A hodgepodge of AV-evasion techniques --- even wild punches can't kill the old master
CTF
empty2081.github.io
FLIRTDB
A community driven collection of IDA FLIRT signature files
GUI_Tools
A toolkit made up of various GUI penetration-testing tools
raccoon5
Xiaohuanxiong (Little Raccoon) Comic CMS 5.0
WinDefenderKiller
Windows Defender Killer | C++ code that permanently disables Windows Defender using registry keys
Empty2081's Repositories
Empty2081/anti-anti-virus
AV-evasion knowledge base | effectiveness tests of open-source AV-evading trojans against 360, Huorong, Kaspersky and Microsoft Defender | collection of AV-evasion tools
Empty2081/AvoidRandomKill
An AV-evasion exercise (bypassing 360, Huorong, Windows Defender, Kaspersky)
Empty2081/Beacon
Refactored Beacon
Empty2081/Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
Empty2081/BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
Empty2081/bindiff
Quickly find differences and similarities in disassembled code
Empty2081/CVE-2024-30088-Windows-poc
The vulnerability exists in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of the locking mechanism when operating on objects, a mistake that could allow a malicious entity to unexpectedly elevate privileges.
Empty2081/CVE-2024-38063
poc for CVE-2024-38063 (RCE in tcpip.sys)
Empty2081/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
Empty2081/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
Empty2081/HandyControl
Contains some simple and commonly used WPF controls
Empty2081/HP-Socket
High Performance TCP/UDP/HTTP Communication Component
Empty2081/IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
Empty2081/imgui
Dear ImGui: Bloat-free Graphical User interface for C++ with minimal dependencies
Empty2081/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Empty2081/no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API)
Empty2081/No_X_Memory_ShellCode_Loader
Loading ShellCode without executable permission.
Empty2081/pe-bear
Portable Executable reversing tool with a friendly GUI
Empty2081/PotatoTool
This tool is a powerful, comprehensive network-security tool designed to provide complete network-security solutions for security practitioners, red/blue-team personnel and network-security enthusiasts. It integrates many practical functions, including decryption, analysis, scanning and tracing, and offers users a convenient interface and a rich selection of features.
Empty2081/Rat-winos4.0-gh0st
Organized open-source source code of AV-evading remote-access trojans (Silver Fox, winos, Big Grey Wolf, gh0st) RAT
Empty2081/ReaLTaiizor
ReaLTaiizor is a .NET WinForms control library that offers a wide range of components and is user-friendly and design-focused.
Empty2081/RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
Empty2081/ReuseSocks
Forward SOCKS5 proxy directly through port reuse (not firewall-based traffic splitting)
Empty2081/RWX_MEMEORY_HUNT_AND_INJECTION_DV
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
Empty2081/sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
Empty2081/SeamlessPass
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
Empty2081/spdlog
Fast C++ logging library.
Empty2081/TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
Empty2081/TrollDump
Empty2081/Ultimate-RAT-Collection
For educational purposes only, samples of old & new malware builders including screenshots!