Pinned Repositories
35C3_Modern_Windows_Userspace_Exploitation
access
Access without a real handle
Active-Directory-Pentest-Notes
Personal study notes on domain penetration testing
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Anti-Rootkits
Kernel-level ARK tool.
antianalysis_demos
Set of antianalysis techniques found in malware
Penetration_Testing_POC
Penetration-testing-related PoCs, scripts, privilege-escalation utilities, and more; additions and improvements are welcome
x64dbg_vs_dark
x64dbg stylesheet like visual studio dark theme
KMwin's Repositories
KMwin/ChromeTools
A collection of tools to abuse chrome browser
KMwin/CobaltStrike
CobaltStrike's source code
KMwin/CobaltStrike-BOF
Collection of beacon BOF written to learn windows and cobaltstrike
KMwin/CobaltStrikeParser
KMwin/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
KMwin/CVE-2020-1034
PoC demonstrating the use of CVE-2020-1034 for privilege escalation
KMwin/ExecuteAssembly
Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, stomping Loader/.NET assembly PE DOS headers, unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).
KMwin/fortiscan
A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
KMwin/Fuzzing-Dicts
Web Security Dictionary
KMwin/GodzillaSource
Godzilla v1.0 source code
KMwin/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
KMwin/HookLib
A function interception library written in pure C and NativeAPI with UserMode and KernelMode support
KMwin/KasperskyHook
Hook system calls on Windows by using Kaspersky's hypervisor
KMwin/loader
A fully featured remote pe image injector/loader with forum integration and protection against cracking.
KMwin/masqueradeCmdline
A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
KMwin/MasterHide
MasterHide x64 Rootkit
KMwin/MMInject
Kernel DLL Injector using PTE Manipulation (NX) and VAD hide for hiding injected DLL
KMwin/openedr
Open EDR public repository
KMwin/Orcus-1.9.1-src
leaked by cortexnet.cc
KMwin/partial
d
KMwin/RedTeam
Tools & Interesting Things for RedTeam Ops
KMwin/Reptile
LKM Linux rootkit
KMwin/RootKits-List-Download
This is the list of all rootkits found so far on github and other sites.
KMwin/sdk
BinaryAI Python SDK
KMwin/Shell_Protect
VM packer with support for one-click packing/unpacking, full compression/encryption, and more.
KMwin/ShellCodeFramework
Shellcode antivirus-evasion framework that bypasses ring 3
KMwin/StepFC
Make FC(NES) Emulator Step-by-Step: emulating the Famicom step by step
KMwin/SysWhispers2_x86
X86 version of syswhispers2
KMwin/Windows_Kernel_Programming
Windows Kernel Programming (overview translation of the book)
KMwin/workflow
Sogou framework for C++ backend development.