Pinned Repositories
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
ADPT
DLL proxying for lazy people
DInvoke_rs
Dynamically invoke arbitrary unmanaged code
Dumpy
Reuse open handles to dynamically dump LSASS.
Eclipse
Activation Context Hijack
Elevator
UAC bypass by abusing RPC and debug objects.
EPI
Threadless Process Injection through entry point hijacking
Shelter
ROP-based sleep obfuscation to evade memory scanners
Split
Apply a divide and conquer approach to bypass EDRs
Unwinder
Call stack spoofing for Rust
Kudaes's Repositories
Kudaes/Elevator
UAC bypass by abusing RPC and debug objects.
Kudaes/EPI
Threadless Process Injection through entry point hijacking
Kudaes/Shelter
ROP-based sleep obfuscation to evade memory scanners
Kudaes/DInvoke_rs
Dynamically invoke arbitrary unmanaged code
Kudaes/Unwinder
Call stack spoofing for Rust
Kudaes/Split
Apply a divide and conquer approach to bypass EDRs
Kudaes/Dumpy
Reuse open handles to dynamically dump LSASS.
Kudaes/LOLBITS
** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.
Kudaes/Fiber
Using fibers to run in-memory code.
Kudaes/ADPT
DLL proxying for lazy people
Kudaes/RustChain
Hide memory artifacts using ROP and hardware breakpoints.
Kudaes/Eclipse
Activation Context Hijack
Kudaes/Bin-Finder
Detect EDR's exceptions by inspecting processes' loaded modules
Kudaes/rust_tips_and_tricks
Rust For Windows Cheatsheet
Kudaes/CustomEntryPoint
Select any exported function in a DLL as the new DLL's entry point.
Kudaes/RustHollow
Inject a shellcode in a remote process using Process Hollowing.
Kudaes/Scripts
Repository for dirty scripts and PoCs
Kudaes/litcrypt.rs
A Rust compiler plugin to encrypt string literals at compile time.