Pinned Repositories
APT-Attack-Simulation
An APT Attack Simulation for APT 29 & Lockbit
atexec-pro
Fileless atexec, no more need for port 445
auto-enum
IDA Plugin to automatically identify and set enums for standard functions
AV_EDR_EPP_Notes
BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
Chrome-App-Bound-Encryption-Decryption
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
CS-AutoPostChain
OPSEC-based CobaltStrike post-exploitation automation chain
java-memshell-generator
A highly customizable Java memory shell (memshell) generation tool
Jlaive
Antivirus evasion tool (crypter) that converts executables into undetectable batch files.
SpecialShellcode
Converts shellcode into special data types, for evading static antivirus detection
GPiiiiii's Repositories
GPiiiiii/SpecialShellcode
Converts shellcode into special data types, for evading static antivirus detection
GPiiiiii/APT-Attack-Simulation
An APT Attack Simulation for APT 29 & Lockbit
GPiiiiii/atexec-pro
Fileless atexec, no more need for port 445
GPiiiiii/auto-enum
IDA Plugin to automatically identify and set enums for standard functions
GPiiiiii/AV_EDR_EPP_Notes
GPiiiiii/BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
GPiiiiii/Chrome-App-Bound-Encryption-Decryption
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
GPiiiiii/CS-AutoPostChain
OPSEC-based CobaltStrike post-exploitation automation chain
GPiiiiii/java-memshell-generator
A highly customizable Java memory shell (memshell) generation tool
GPiiiiii/JoJoLoader
Helps red team members generate an antivirus-evading trojan with one click, implemented in Rust
GPiiiiii/Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
GPiiiiii/Learning-EDR-and-EDR_Evasion
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
GPiiiiii/MagiskOnWSALocal
GPiiiiii/new_in_swor
Bypasses all static engines, e.g. bypasses QVM and all static engines on VT
GPiiiiii/npcap
Nmap Project's Windows packet capture and transmission library
GPiiiiii/libalpc
GPiiiiii/oxgenPdb
A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs.
GPiiiiii/powershell-obfuscation
A simple and effective PowerShell obfuscation tool for bypassing antivirus
GPiiiiii/RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
GPiiiiii/RedGuard
RedGuard is a C2 front flow control tool that can avoid Blue Team, AV, and EDR checks.
GPiiiiii/ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
GPiiiiii/RTCore64_Vulnerability
Use RTCore64 to map your driver on windows 11.
GPiiiiii/SearchAvailableExe
Searches for exploitable whitelisted (trusted) files
GPiiiiii/stink
Stealer in just a few lines with sending to Server / Telegram / Discord. No dependencies, only built-in libraries.
GPiiiiii/SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
GPiiiiii/test
test
GPiiiiii/VDR
Vulnerable driver research tool, result and exploit PoCs
GPiiiiii/VMProtect
VMProtect Leaked Source Code
GPiiiiii/vmprotect-3.5.1
GPiiiiii/XLL-DROPPER-
XLL DROPPER | Learn to create Native xll Dropper