Pinned Repositories
520apkhook
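Attaches an msf-generated Android remote-control payload to an ordinary app and hardens it to hide its signatures. Can bypass common mobile security managers.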
ABPTTS
TCP tunneling over HTTP/HTTPS for web application servers
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
adaudit
PowerShell script to do domain auditing automation
ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
AggressiveGadgetToJScript
A Cobalt Strike Aggressor script to generate GadgetToJScript payloads
AggressiveProxy
Project to enumerate proxy configurations and generate shellcode from CobaltStrike
ProcessHollowing
Simple Process Hollowing in C#
L34Rn's Repositories
L34Rn/APT-Attack-Simulation
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.
L34Rn/azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
L34Rn/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
L34Rn/CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
L34Rn/Chaos-Rootkit
x64 ring0 rootkit with process hiding, privilege escalation, and capabilities for protecting and unprotecting processes
L34Rn/cobaltstrike-beacon-rust
CobaltStrike beacon in Rust
L34Rn/D1rkSleep
Improved version of EKKO by @5pider that Encrypts only Image Sections
L34Rn/DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
L34Rn/EvilSln
A New Exploitation Technique for Visual Studio Projects
L34Rn/Fiber
Using fibers to run in-memory code in a different and stealthy way.
L34Rn/FilelessPELoader
Loads a remote AES-encrypted PE into memory, decrypts it, and runs it
L34Rn/HadesLdr
Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode Retrieval using Winsock2
L34Rn/HPHardwareDiagnostics-PoC
PoC exploit for HP Hardware Diagnostic's EtdSupp driver
L34Rn/HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
L34Rn/LocalPotato
L34Rn/LOLDrivers
Living Off The Land Drivers
L34Rn/Nidhogg
Windows rootkit cpp lib
L34Rn/obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
L34Rn/Obligato
This project is an implant framework designed for long term persistent access to Windows machines.
L34Rn/OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
L34Rn/phantom
A memory-based evasion technique which makes shellcode invisible from process start to end.
L34Rn/RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
L34Rn/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
L34Rn/resocks
mTLS-Encrypted Back-Connect SOCKS5 Proxy
L34Rn/StackCrypt
Creates a new thread that suspends every thread and encrypts its stack, then goes to sleep, then decrypts the stacks and resumes the threads
L34Rn/TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
L34Rn/ThreadlessInject
Threadless Process Injection using remote function hooking.
L34Rn/WeChatDB-Rust
A tool written in Rust that uses signature values to extract the database key from WeChat's memory
L34Rn/WeChatMsg
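Extracts WeChat chat history and exports it to HTML, Word, and Excel documents for permanent storage; analyzes the chat history to generate an annual chat report; and uses the chat data to train a personal AI chat assistant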
L34Rn/wmiexec-Pro
New generation of wmiexec.py