FatCyclone's Stars
reHackable/awesome-reMarkable
A curated list of projects related to the reMarkable tablet
s0md3v/Arjun
HTTP parameter discovery suite.
stephenfewer/ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
assetnote/kiterunner
Contextual Content Discovery Tool
lefayjey/linWinPwn
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
Mr-Un1k0d3r/SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run commands
t3l3machus/psudohash
Generates millions of keyword-based password mutations in seconds.
WKL-Sec/HiddenDesktop
HVNC for Cobalt Strike
lem0nSec/ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
Octoberfest7/TeamsPhisher
Send phishing messages and attachments to Microsoft Teams users
Aetsu/OffensivePipeline
OffensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
itm4n/VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
reveng007/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
juliourena/SharpNoPSExec
Get fileless command execution for lateral movement.
WinMin/awesome-vm-exploit
Shares some useful archives about VM and QEMU escape exploits.
rad9800/TamperingSyscalls
senzee1984/Amsi_Bypass_In_2023
Amsi Bypass payload that works on Windows 11
f1zm0/hades
Go shellcode loader that combines multiple evasion techniques
crummie5/FreshyCalls
FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!
f1zm0/acheron
indirect syscalls for AV/EDR evasion in Go assembly
slemire/WSPCoerce
PoC to coerce authentication from Windows hosts using MS-WSP
Idov31/Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
XaFF-XaFF/Kernel-Process-Hollowing
Windows x64 kernel mode rootkit process hollowing POC.
nazywam/AutoIt-Ripper
Extract AutoIt scripts embedded in PE binaries
fortra/CVE-2023-28252
nov1n/RemarkablePocket
Synchronize Pocket articles with the Remarkable tablet.
mansk1es/GhostFart
Signal-Labs/iat_unhook_sample
(First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls and all hooked functions (incl. hooked NtProtectVirtualMemory)
stolenusername/cowitness
CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.
Marc-andreLabonte/AnalyseDynamiqueModulesKernel
Workshop: Dynamic analysis of Windows kernel modules, NSEC 2023