Pinned Repositories
Attacker_Infrastructure_Setup
BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
detection-rules
Rules for Elastic Security's detection engine
FileExtractor
C++ Code to Extract Windows File and Receive in Linux Machine
Pandora-Hvnc-Hidden-Browser-Real-Vnc-Working-Chromium-Edge-Opera-Gx
Hidden Features Full Hidden Access Hidden Desktop Hidden Browsers Hidden Cmd Clone Profile Hidden PowerShell Hidden Explorer Hidden Startup Hidden Applications
PrivilegeEscalationClass
C++ Privilege Escalation Class to execute Process As Admin from User and Process as NT AUTHORITY SYSTEM from Admin
SymProcSleuth
A pure C version of SymProcAddress
Valkyries-Embrace
Valkyrie's Embrace is a tool written in the Odin programming language that allows executing shellcode on a remote system.
windows-ps-callbacks-experiments
Files for http://deniable.org/windows/windows-callbacks
a7t0fwa7's Repositories
a7t0fwa7/Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
a7t0fwa7/Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
a7t0fwa7/0up
0up is a zero-knowledge, open-source, encrypted file sharing service
a7t0fwa7/Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
a7t0fwa7/catdumper
LSASS Credential Dumper that utilizes the Windows API, in-memory RC4 encryption and Base64 encoding, and HTTPS exfiltration.
a7t0fwa7/Chariot-Tackle
A small, easy to use API for making indirect syscalls locally.
a7t0fwa7/Cloudflare-Redirector
Just another C2 Redirector using CloudFlare.
a7t0fwa7/codecave-hook
codecave hook reverse engineering toolkit.
a7t0fwa7/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
a7t0fwa7/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
a7t0fwa7/egghunters
Windows SEH based egghunter
a7t0fwa7/Evilginx3-Phishlets
Exclusive Phishlets Available Here: www.patreon.com/SimplerHacking
a7t0fwa7/GoPhish-Microsoft-Login
A fake Microsoft login page optimized for GoPhish campaigns
a7t0fwa7/GoPhish-Templates
GoPhish Templates that I have retired and/or templates I've recreated.
a7t0fwa7/interruptible_thread
a7t0fwa7/IPCObjects
C++ Code to perform IPC (Inter Process Connection) to share C++ Objects/Structures with other processes
a7t0fwa7/Memory-Patcher
Simple Memory Patcher Made With API Hooking
a7t0fwa7/MinHookDisabler
Small external program that will attempt to detect and disable minhook hooks in a process
a7t0fwa7/MoreEvilginx2-Phishlets
Many up-to-date Evilginx2 phishlets
a7t0fwa7/PentestGPT
A GPT-empowered penetration testing tool
a7t0fwa7/PhishingTemplate
Mail and login templates for conducting authorized phishing campaign audits. Tailored to GoPhish
a7t0fwa7/PsMapExec
A PowerShell tool that takes strong inspiration from CrackMapExec.
a7t0fwa7/RflDllOb
Reflective DLL Injection - M++
a7t0fwa7/RPS
Rotating Proxy Server
a7t0fwa7/S12URootkit
User Mode Windows Rootkit
a7t0fwa7/sleeper-agents-paper
Contains random samples referenced in the paper "Sleeper Agents: Training Robustly Deceptive LLMs that Persist Through Safety Training".
a7t0fwa7/swarm
Formerly known as axiom, swarm is the next generation of distributed cloud scanning and attack surface monitoring.
a7t0fwa7/taser
Python resource library for creating security related tooling
a7t0fwa7/ThreadlessInject-C
This repository implements Threadless Injection in C
a7t0fwa7/DeHashed-API-Tool
A command-line tool to query the DeHashed API. Easily search for various parameters like usernames, emails, hashed passwords, IP addresses, and more.