Ptkatz's Stars
WildGenie/HackerToolBox
SkarSys/windows-kernel-trojan
A Windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)
M0nster3/Beacon
Refactored Beacon
microsoft/Detours
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
naudio/NAudio
Audio and MIDI library for .NET
hfiref0x/SyscallTables
Windows NT Syscall tables
oldboy21/RflDllOb
Reflective DLL Injection Made Bella
driver1998/ModernNetUAP.XamlCompiler
UWP (Windows.UI.Xaml) Xaml Compiler support for Modern .NET
fiddyschmitt/File-Tunnel
Tunnel TCP connections through a file
StackExchange/MarkdownSharp
Open source C# implementation of Markdown processor, used by Stack Overflow.
jpoehls/MarkdownWin
A "live preview" Markdown viewer for Windows.
CBLabresearch/PhantomExecution
Self Cleanup in post-ex job
MrAle98/Sliver-CPPImplant2
Sliver agent rewritten in C++
qi4L/sRDI-rs
sRDI rewritten in Rust
EvilBytecode/GoDefender
Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
ccdescipline/CInject
Windows Kernel inject (no module no thread)
stivenhacker/GhostStrike
Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
mandiant/ADFSDump
coin8086/WinSocket
TLS Examples in Schannel and IO Completion Ports
oiweiwei/go-msrpc
The DCE/RPC / MS-RPC Codegen/Client for Go
qi4L/Gabh-rs
Various Gate techniques rewritten in Rust
praetorian-inc/goffloader
A Go implementation of Cobalt Strike style BOF/COFF loaders.
CICADA8-Research/COMThanasia
A set of programs for analyzing common vulnerabilities in COM
M2Team/Privexec
Run the program with the specified permission level (C++20 required)
sailay1996/RpcSsImpersonator
Privilege Escalation Via RpcSs svc
reactiveui/ReactiveUI
An advanced, composable, functional reactive model-view-viewmodel framework for all .NET platforms that is inspired by functional reactive programming. ReactiveUI allows you to abstract mutable state away from your user interfaces, express the idea around a feature in one readable place and improve the testability of your application.
V-i-x-x/AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Zombie-Kaiser/CVE-2024-30088-Windows-poc
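The vulnerability exists in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of the locking mechanism when operating on objects, a flaw that may allow a malicious entity to unexpectedly elevate privileges.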
VoldeSec/PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass