Pinned Repositories
COM-Hunter
COM Hijacking VOODOO
CPPPractice
C/C++ practice
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
DllNotificationInject
A passive-triggered method for remote code injection.
free-programming-books-zh_CN
:books: Free Chinese-language computer programming books; contributions welcome
grab_beacon_config
NimScan
🚀 Fast Port Scanner 🚀
p2p
🖥️ Remote Desktop P2P based. Portable, No configuration or installation needed, communicate your endpoint to the peer, and vice versa, press connect and enjoy. 🖥️
selfMimikatz
An overambitious mimikatz separation project
vcpkg
C++ Library Manager for Windows, Linux, and MacOS
GooWen's Repositories
GooWen/APT_Step_Bear_Inject
Reproduction of "EDR's Nightmare: Storm-0978 Uses the New Kernel Injection Technique 'Step Bear'"
GooWen/Arkari
Yet another llvm based obfuscator based on goron.
GooWen/Auto_Bangumi_TR
AutoBangumi support for transmission
GooWen/BinarySpy
A tool for manually or automatically patching shellcode into a binary file in order to bypass AV.
GooWen/codasm
Payload encoding utility to effectively lower payload entropy.
GooWen/COMThanasia
A set of programs for analyzing common vulnerabilities in COM
GooWen/CVE-2024-21338_PoC
GooWen/dataBrawl
A shellcode AV-evasion framework for one-click generation of AV-evading trojans
GooWen/ExecutePeFromPngViaLNK
Extract and execute a PE embedded within a PNG file using an LNK file.
GooWen/gatherBurp
A Burp plugin; see the description
GooWen/help_tool
Inference algorithm assistant (dimensionality-reduction strike)
GooWen/Hopper
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
GooWen/IDA_PHNT_TYPES
Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
GooWen/IHxExec
Process injection alternative
GooWen/kdmapper
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
GooWen/MemProcFS
MemProcFS
GooWen/Mergen
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
GooWen/No-Consolation
A BOF that runs unmanaged PEs inline
GooWen/No_X_BOF-ShellCode
Loading BOF & ShellCode without executable permission memory.
GooWen/ollvm-rust
out-of-tree llvm obfuscation pass plugin (dynamically loadable by rustc). || rust toolchain with obfuscation llvm pass.
GooWen/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
GooWen/PECracker
A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.
GooWen/sublink-worker
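No server required, one-click deployment; quickly converts self-hosted node share URLs into subscription links, with flexible custom routing rules; supports SingBox/Clash/V2Ray/Xray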
GooWen/Supernova
Real fucking shellcode encryptor & obfuscator tool
GooWen/TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
GooWen/TcpServerChannelRce
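Development notes on a PoC for arbitrary code execution with a fileless payload in TypeFilterLevel.Low mode, based on an upgraded version of James Forshaw's .NET Remoting deserialization tool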
GooWen/tiny_tracer
A Pin Tool for tracing API calls etc
GooWen/V8sandbox_bypass
V8sandbox_bypass using stack misalignment
GooWen/Voidmaw
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables that will be flagged by the antimalware programs (such as mimikatz).
GooWen/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.