Ptkatz

Ptkatz's Stars

• WildGenie/HackerToolBox

  Language:Python530

• SkarSys/windows-kernel-trojan

  A windows kernel mode driver that spoofs serial numbers when mapped and executes a malicious payload (FULLY from kernel!!!)

  Language:C++276

• M0nster3/Beacon

  重构Beacon

  Language:C12739

• microsoft/Detours

  Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

  Language:C++5.2k1k

• naudio/NAudio

  Audio and MIDI library for .NET

  Language:C#5.5k1.1k

• hfiref0x/SyscallTables

  Windows NT Syscall tables

  Language:C1.1k237

• oldboy21/RflDllOb

  Reflective DLL Injection Made Bella

  Language:C++17233

• driver1998/ModernNetUAP.XamlCompiler

  UWP (Windows.UI.Xaml) Xaml Compiler support for Modern .NET

  Language:C#5

• fiddyschmitt/File-Tunnel

  Tunnel TCP connections through a file

  Language:C#86873

• StackExchange/MarkdownSharp

  Open source C# implementation of Markdown processor, used by Stack Overflow.

  Language:C#24938

• jpoehls/MarkdownWin

  A "live preview" Markdown viewer for Windows.

  Language:C#275

• CBLabresearch/PhantomExecution

  Self Cleanup in post-ex job

  Language:C++405

• MrAle98/Sliver-CPPImplant2

  Sliver agent rewritten in C++

  Language:C++322

• qi4L/sRDI-rs

  Rust 重构的 sRDI

  Language:Rust102

• EvilBytecode/GoDefender

  Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

  Language:Go35136

• ccdescipline/CInject

  Windows Kernel inject (no module no thread)

  Language:C++25659

• stivenhacker/GhostStrike

  Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

  Language:C++23536

• sevagas/macro_pack

  macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

  Language:Python2.2k406

• mandiant/ADFSDump

  Language:C#30965

• coin8086/WinSocket

  TLS Examples in Schannel and IO Completion Ports

  Language:C++72

• oiweiwei/go-msrpc

  The DCE/RPC / MS-RPC Codegen/Client for Go

  Language:Go411

• qi4L/Gabh-rs

  由 rust 重构的各类Gate技术

  Language:Rust10

• praetorian-inc/goffloader

  A Go implementation of Cobalt Strike style BOF/COFF loaders.

  Language:Go15026

• CICADA8-Research/COMThanasia

  A set of programs for analyzing common vulnerabilities in COM

  Language:C++11621

• M2Team/Privexec

  Run the program with the specified permission level (C++20 required)

  Language:C++32052

• sailay1996/RpcSsImpersonator

  Privilege Escalation Via RpcSs svc

  Language:C16933

• reactiveui/ReactiveUI

  An advanced, composable, functional reactive model-view-viewmodel framework for all .NET platforms that is inspired by functional reactive programming. ReactiveUI allows you to abstract mutable state away from your user interfaces, express the idea around a feature in one readable place and improve the testability of your application.

  Language:C#8.1k1.1k

• V-i-x-x/AMSI-BYPASS

  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

  Language:PowerShell17636

• Zombie-Kaiser/CVE-2024-30088-Windows-poc

  该漏洞存在于 NtQueryInformationToken 函数中，特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时，该漏洞源于内核在操作对象时对锁定机制的不当管理，这一失误可能导致恶意实体意外提升权限。

  Language:C++2913

• VoldeSec/PatchlessCLRLoader

  .NET assembly loader with patchless AMSI and ETW bypass

  Language:C26941