Freimain's Stars
vp777/Windows-Non-Paged-Pool-Overflow-Exploitation
Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow
S3cur3Th1sSh1t/Invoke-SharpLoader
S3cur3Th1sSh1t/RDPThiefInject
RDPThief donut shellcode inject into mstsc
S3cur3Th1sSh1t/SharpUnhooker
C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll, kernel32.dll, user32.dll, and kernelbase.dll)
S3cur3Th1sSh1t/SyscallAmsiScanBufferBypass
AmsiScanBufferBypass using D/Invoke
backlion/SharpImpersonation
A User Impersonation tool - via Token or Shellcode injection
klezVirus/CheeseTools
Self-developed tools for Lateral Movement/Code Execution
backlion/CheeseTools
Self-developed tools for Lateral Movement/Code Execution
Arryboom/ImportCallObfuscator
Obfuscate calls to imports by patching in stubs
bats3c/DefensiveInjector
Shellcode injector using direct syscalls
bats3c/EvtMute
Apply a filter to the events being reported by Windows event logging
bats3c/shad0w
A post-exploitation framework designed to operate covertly in heavily monitored environments
3gstudent/Waitfor-Persistence
Use Waitfor.exe to maintain persistence
bats3c/DarkLoadLibrary
LoadLibrary for offensive operations
Arryboom/tiny_tracer
A Pin Tool for tracing API calls, etc.
Arryboom/byeintegrity8-uac
Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components