Pinned Repositories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
anti-debug
artifact32
THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD
artifact64
THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD
beurk
BEURK Experimental Unix RootKit
BlobRunner
Quickly debug shellcode extracted during malware analysis
boopkit
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
byeintegrity-uac
Bypass UAC by hijacking a DLL located in the Native Image Cache
chacha20-c
ChaCha20 stream cipher implemented in C
Encryption-Algorithm
GUANCAIBAN's Repositories
GUANCAIBAN/Encryption-Algorithm
GUANCAIBAN/artifact32
THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD
GUANCAIBAN/BlobRunner
Quickly debug shellcode extracted during malware analysis
GUANCAIBAN/boopkit
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
GUANCAIBAN/byeintegrity-uac
Bypass UAC by hijacking a DLL located in the Native Image Cache
GUANCAIBAN/conti_202202_leak_procedures
This repository contains procedures found in the Feb 2022 Conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on May 10th, 2021 in the channel.
GUANCAIBAN/conti_locker
Conti Locker source code
GUANCAIBAN/CSharpDemo
GUANCAIBAN/ctfwriteups
CTF writeups
GUANCAIBAN/Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
GUANCAIBAN/DLLoader
dll debugger
GUANCAIBAN/EventViewer-UACBypass
🍊 Orange Tsai EventViewer RCE
GUANCAIBAN/hidden
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc.
GUANCAIBAN/Keylogger
A simple keylogger for Windows, Linux and Mac
GUANCAIBAN/Khepri
Free, Open-Source, Cross-platform agent and Post-exploitation tool written in Golang and C++.
GUANCAIBAN/linux-prinj
Linux process injection PoCs
GUANCAIBAN/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
GUANCAIBAN/none
UNONE and KNONE are a couple of open source base libraries that make it easy to develop software on Windows.
GUANCAIBAN/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
GUANCAIBAN/PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
GUANCAIBAN/processhacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
GUANCAIBAN/ProxyPool
A proxy pool service for automatically switching IPs; it has no dependencies and runs quickly.
GUANCAIBAN/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
GUANCAIBAN/rpclib
rpclib is a modern C++ msgpack-RPC server and client library
GUANCAIBAN/Shark
Turn off PatchGuard in real time for win7 (7600) ~ later
GUANCAIBAN/ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
GUANCAIBAN/TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
GUANCAIBAN/UACME
Defeating Windows User Account Control
GUANCAIBAN/vmprotect-3.5.1
GUANCAIBAN/WinAPI-RedBlue
Source codes of Windows API Exploitation for Red and Blue teams from Pentester Academy