ZkClown

ZkClown's Stars

• dockur/windows

  Windows inside a Docker container.

  Language:Shell31.6k1646102.2k

• blacklanternsecurity/bbot

  The recursive internet scanner for hackers. 🧡

  Language:Python7.5k59900565

• BLAKE3-team/BLAKE3

  the official Rust and C implementations of the BLAKE3 cryptographic hash function

  Language:Assembly5.3k78247360

• Neo23x0/Loki

  Loki - Simple IOC and YARA Scanner

  Language:Python3.4k185174585

• S3cur3Th1sSh1t/Amsi-Bypass-Powershell

  This repo contains some Amsi Bypass methods i found on different Blog Posts.

  1.8k353296

• tsale/EDR-Telemetry

  This project aims to compare and evaluate the telemetry of various EDR products.

  Language:Python1.7k5150163

• GhostManager/Ghostwriter

  The SpecterOps project management and reporting engine

  Language:Python1.4k29278190

• swisskyrepo/InternalAllTheThings

  Active Directory and Internal Pentest Cheatsheets

  Language:HTML1.1k150215

• bats3c/DarkLoadLibrary

  LoadLibrary for offensive operations

  Language:C1.1k258205

• login-securite/DonPAPI

  Dumping DPAPI credz remotely

  Language:Python1k1839118

• SafeBreach-Labs/PoolParty

  A set of fully-undetectable process injection techniques abusing Windows Thread Pools

  Language:C++983163137

• mbrg/power-pwn

  An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform

  Language:Python868174388

• 0xZDH/o365spray

  Username enumeration and password spraying tool aimed at Microsoft O365.

  Language:Python78881397

• p3nt4/Invoke-SocksProxy

  Socks proxy, and reverse socks server using powershell.

  Language:PowerShell779237168

• pwn1sher/KillDefender

  A small POC to make defender useless by removing its token privileges and lowering the token integrity

  Language:C++674133124

• hasherezade/process_doppelganging

  My implementation of enSilo's Process Doppelganging (PE injection technique)

  Language:C584203117

• fortra/No-Consolation

  A BOF that runs unmanaged PEs inline

  Language:C5626766

• RedByte1337/GraphSpy

  Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

  Language:HTML5588262

• vxCrypt0r/Voidgate

  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.

  Language:C++4967383

• 0xEr3bus/PoolPartyBof

  A beacon object file implementation of PoolParty Process Injection Technique.

  Language:C3565243

• S3cur3Th1sSh1t/Caro-Kann

  Encrypted shellcode Injection to avoid Kernel triggered memory scans

  Language:C3536439

• Prepouce/CoercedPotato

  A Windows potato to privesc

  Language:C3514665

• Kudaes/Shelter

  ROP-based sleep obfuscation to evade memory scanners

  Language:Rust3255036

• D4stiny/ForkPlayground

  An implementation and proof-of-concept of Process Forking.

  Language:C++2218133

• EvanMcBroom/perfect-loader

  Load a dynamic library from memory by modifying the native Windows loader

  Language:C++2074132

• mandiant/ccmpwn

  Language:Python1862022

• OtterHacker/SetProcessInjection

  Language:C1453227

• realoriginal/grimreaper

  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls

  Language:C1053036

• fkie-cad/yapscan

  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.

  Language:Go6072513

• MythicAgents/leviathan

  Language:JavaScript16605