Pinned Repositories
BypassETW_CSharp
Bypassing ETW with C#
DInvoke_shellcodeload_CSharp
Shellcode loader via DInvoke
EarlyBirdInjection_CSharp
Inject shellcode into a process via the "EarlyBird" technique
Fiber_ShellcodeExecution
Using fibers to execute shellcode in the local process, in C#
HellgateLoader_CSharp
Load shellcode via HELLGATE (Hell's Gate), rewritten in .NET Framework for learning purposes.
HookDetection_CSharp
HookDetection
MappingInjection_CSharp
Mapping injection in C#
NewNtdllBypassInlineHook_CSharp
Load a fresh copy of ntdll.dll via file mapping to bypass API inline hooks.
PEB-PPIDspoofing_Csharp
Command-line (PEB) and PPID spoofing
SysCall_ShellcodeLoad_Csharp
Load shellcode via syscalls
Kara-4search's Repositories
Kara-4search/AMSICheck_CSharp
A tool to check the integrity of AmsiScanBuffer in memory and defend against AMSI bypasses
Kara-4search/0day
EXPs and POCs for vulnerabilities in various CMSes, platforms, systems and software; this project will be updated continuously
Kara-4search/windows-kernel-exploits
Some of my windows kernel exploits for learning purposes
Kara-4search/BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
Kara-4search/Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. It can hide processes, and protect and elevate them via token manipulation.
Kara-4search/CVE-2022-21882
Kara-4search/CVE-2022-21883
CVE-2022-21882
Kara-4search/CVE-2022-21884
win32k LPE
Kara-4search/DefenderStop
Stop Defender Service using C# via Token Impersonation
Kara-4search/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, macOS and Windows.
Kara-4search/global-inject-demo
A global injection and hooking example
Kara-4search/Journey-to-McAfee
Kara-4search/kernel_window_hide
Kernel-level hiding of a specified window
Kara-4search/KrbRelay
Framework for Kerberos relaying
Kara-4search/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default setting).
Kara-4search/msdt-follina
Codebase to generate an msdt-follina payload
Kara-4search/Multiline-Ultimate-Assembler
A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality.
Kara-4search/Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
Kara-4search/NO445-lateral-movement
Command execution (lateral movement) without port 445
Kara-4search/Pluto-Obfuscator
Obfuscator based on LLVM 12.0.1
Kara-4search/PoolMonXv2
Kernel Pool Monitor
Kara-4search/PPLKiller
Tool to bypass LSA Protection (aka Protected Process Light)
Kara-4search/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Kara-4search/PTEditor
A small library to modify all page-table levels of all processes from user space for x86_64 and ARMv8.
Kara-4search/pypykatz
Mimikatz implementation in pure Python
Kara-4search/Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Kara-4search/SharpXDecrypt
Password recovery tool for all versions of Xshell
Kara-4search/SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
Kara-4search/tenet
A Trace Explorer for Reverse Engineers
Kara-4search/WindowsElevation
Windows Elevation (continuously updated)