Freimain

Freimain's Stars

• vp777/Windows-Non-Paged-Pool-Overflow-Exploitation

  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow

  Language:C++17049

• S3cur3Th1sSh1t/Invoke-SharpLoader

  Language:PowerShell34570

• S3cur3Th1sSh1t/RDPThiefInject

  RDPThief donut shellcode inject into mstsc

  Language:C#7510

• S3cur3Th1sSh1t/SharpUnhooker

  C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)

  Language:C#218

• S3cur3Th1sSh1t/SyscallAmsiScanBufferBypass

  AmsiScanBufferBypass using D/Invoke

  Language:C#12819

• backlion/SharpImpersonation

  A User Impersonation tool - via Token or Shellcode injection

  1

• klezVirus/CheeseTools

  Self-developed tools for Lateral Movement/Code Execution

  Language:C#687141

• backlion/CheeseTools

  Self-developed tools for Lateral Movement/Code Execution

  1

• Arryboom/ImportCallObfuscator

  Obfuscate calls to imports by patching in stubs

  1

• bats3c/DefensiveInjector

  Shellcode injector using direct syscalls

  Language:C11735

• bats3c/EvtMute

  Apply a filter to the events being reported by windows event logging

  Language:C#26050

• bats3c/shad0w

  A post exploitation framework designed to operate covertly on heavily monitored environments

  Language:C2k322

• 3gstudent/Waitfor-Persistence

  Use Waitfor.exe to maintain persistence

  Language:PowerShell5419

• bats3c/DarkLoadLibrary

  LoadLibrary for offensive operations

  Language:C1.1k203

• Arryboom/tiny_tracer

  A Pin Tool for tracing API calls etc

  1

• Arryboom/byeintegrity8-uac

  Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components

  1