Pinned Repositories
HellHall
Performing Indirect Clean Syscalls
AmsiBypassHookManagedAPI
A new AMSI Bypass technique using .NET ALI Call Hooking.
AutoGeaconC2
AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
DBC2
DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication.
DocPlz
Documents Exfiltration project for fun and educational purposes
FakeSign
自建时间戳服务器实现伪签名驱动证书 Implementing Pseudo Signature with Self-Sign Timestamp Servers
Forest
基于frp(0.44.0)二次开发,删除不必要功能,加密配置文件,修改流量以及文件特征
HardHatC2
A C# Command & Control framework
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
OneHoneyBaby's Repositories
OneHoneyBaby/AutoGeaconC2
AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
OneHoneyBaby/rustdesk
基于rustdesk修改的远程桌面软件,将agent部分分离出来
OneHoneyBaby/WhoamiAlternatives
Different methods to get current username without using whoami
OneHoneyBaby/Jomungand
Shellcode Loader with memory evasion
OneHoneyBaby/ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
OneHoneyBaby/BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
OneHoneyBaby/DocPlz
Documents Exfiltration project for fun and educational purposes
OneHoneyBaby/Periscope
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)
OneHoneyBaby/POSTDump
OneHoneyBaby/HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
OneHoneyBaby/java-memshell-generator
一款支持高度自定义的 Java 内存马生成工具
OneHoneyBaby/FakeSign
自建时间戳服务器实现伪签名驱动证书 Implementing Pseudo Signature with Self-Sign Timestamp Servers
OneHoneyBaby/HardHatC2
A C# Command & Control framework
OneHoneyBaby/SharpLoggedon
OneHoneyBaby/TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
OneHoneyBaby/SharkOne
Cobalt Strike 二开项目
OneHoneyBaby/WalkerGate
Find syscall
OneHoneyBaby/HellHall
Performing Indirect Clean Syscalls
OneHoneyBaby/shadow-tls-client
shadow tls client
OneHoneyBaby/stager_libpeconv
A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
OneHoneyBaby/SilentMoonwalk
PoC Implementation of a TRUE call stack spoofer
OneHoneyBaby/AmsiBypassHookManagedAPI
A new AMSI Bypass technique using .NET ALI Call Hooking.
OneHoneyBaby/shadow_tls
shadow tls
OneHoneyBaby/TerraLdr
A Payload Loader Designed With Advanced Evasion Features
OneHoneyBaby/Forest
基于frp(0.44.0)二次开发,删除不必要功能,加密配置文件,修改流量以及文件特征
OneHoneyBaby/pamspy
Credentials Dumper for Linux using eBPF
OneHoneyBaby/mymost3
mymost3
OneHoneyBaby/yuemost2
yuemost2
OneHoneyBaby/yuemost
yuemost
OneHoneyBaby/DBC2
DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication.