Pinned Repositories
UEditorGetShell
Batch GetShell for the UEditor editor / Code By: Tas9er
ChTimeStamp
Changes the creation time and the last-written time of a dropped file to the timestamp of another file, such as the "kernel32.dll" timestamp
PPLdump
Dump the memory of a PPL with a userland exploit
CVE-2023-36723
ShellcodeLoader_code1
General-purpose AV-evasion shellcode generator for Windows, able to bypass detection by antivirus products such as Microsoft Defender, 360, Huorong, and Panda.
ADSrunner
Writes a collected UUID byte array "*" to the Alternate Data Stream of the current binary; the ADS Runner then reads the data, transfers it into a char table of UUID shellcode, and runs it
BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
BypassNeo-reGeorg
AV-evasion version of Neo-reGeorg
chromepass
Fetching passwords from the chrome browser database
MsF-NTDLL's Repositories
MsF-NTDLL/CVE-2024-30088
MsF-NTDLL/CVE_2024_30078_POC_WIFI
Basic concept for the latest Windows Wi-Fi driver CVE
MsF-NTDLL/EDR-XDR-AV-Killer
Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
MsF-NTDLL/android_autorooter
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely
MsF-NTDLL/Kematian-Stealer
The best and completely open source Stealer
MsF-NTDLL/BenevolentLoader
Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
MsF-NTDLL/PWA-Phishing
MsF-NTDLL/CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
MsF-NTDLL/edr-internals
Tools for analyzing EDR agents
MsF-NTDLL/LOLDrivers-webclient
Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
MsF-NTDLL/cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in glibc's iconv()
MsF-NTDLL/GhostlyHollowingViaTamperedSyscalls
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
MsF-NTDLL/notes
Full of public notes and Utilities
MsF-NTDLL/bsprishtina-2024-maldev-workshop
BSides Prishtina 2024 Malware Development and Persistence workshop
MsF-NTDLL/No-Consolation
A BOF that runs unmanaged PEs inline
MsF-NTDLL/TrollDump
MsF-NTDLL/PotatoTool
This is a powerful, comprehensive network security tool intended to provide a complete network security solution for security practitioners, red/blue team members, and network security enthusiasts. It integrates a range of practical functions, including decryption, analysis, scanning, and traceability, and gives users a convenient interface and a rich choice of features.
MsF-NTDLL/CVE-2024-21111
Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
MsF-NTDLL/dropper
Project that generates a malicious macro-enabled Office dropper for DLL sideloading and embeds it in an LNK file to bypass MOTW
MsF-NTDLL/CVE-2023-36424
Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
MsF-NTDLL/webshell
A collection of webshells
MsF-NTDLL/IoCs
Sophos-originated indicators-of-compromise from published reports
MsF-NTDLL/Keylogger1
A keylogger written in C that has evasion in mind
MsF-NTDLL/NjRatPlus
NjRat+
MsF-NTDLL/CodeSearchDemo
MsF-NTDLL/XiebroC2
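A multi-user graphical penetration-testing framework written in Go, with support for Lua plugin extensions, multiple custom modules, custom shellcode, file management, process management, in-memory loading, reverse proxying, and more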
MsF-NTDLL/FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modify and DM if you find some bugs :)
MsF-NTDLL/InflativeLoading
Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
MsF-NTDLL/CVE-2024-21413
Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
MsF-NTDLL/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability