Pinned Repositories
Attacker_Infrastructure_Setup
BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
detection-rules
Rules for Elastic Security's detection engine
FileExtractor
C++ Code to Extract Windows File and Receive in Linux Machine
Pandora-Hvnc-Hidden-Browser-Real-Vnc-Working-Chromium-Edge-Opera-Gx
Hidden Features Full Hidden Access Hidden Desktop Hidden Browsers Hidden Cmd Clone Profile Hidden PowerShell Hidden Explorer Hidden Startup Hidden Applications
PrivilegeEscalationClass
C++ Privilege Escalation Class to execute Process As Admin from User and Process as NT AUTHORITY SYSTEM from Admin
SymProcSleuth
A pure C version of SymProcAddress
Valkyries-Embrace
Valkyrie's Embrace is a tool written in the Odin programming language that allows executing shellcode on a remote system.
windows-ps-callbacks-experiments
Files for http://deniable.org/windows/windows-callbacks
a7t0fwa7's Repositories
a7t0fwa7/InjectHook
A lightweight C++ library designed for function interception within injected DLLs, providing a streamlined approach to modifying application behavior at runtime. Ideal for educational purposes, debugging, and dynamic software analysis.
a7t0fwa7/Jomungand
Shellcode Loader with memory evasion
a7t0fwa7/legba
A multiprotocol credentials bruteforcer / password sprayer and enumerator.
a7t0fwa7/NinjaInjector
Classic Process Injection with Memory Evasion Techniques implementation
a7t0fwa7/CSharp-Alt-Shellcode-Callbacks
A collection of (even more) alternative shellcode callback methods in CSharp
a7t0fwa7/DCSync-To-Hashcat
Performs DCSync, extracts all hashes in a Hashcat friendly format
a7t0fwa7/DictionShellcode
Encode shellcode into dictionary words for evasion
a7t0fwa7/DLL-Spoofer
POC for a DLL spoofer to determine DLL Hijacking
a7t0fwa7/ExecuteMemoryAllocator
Execute Memory Allocator
a7t0fwa7/fruitygack
a7t0fwa7/GhostTask
a7t0fwa7/injectorLib
Library for injecting a shared library into a Linux or Windows process
a7t0fwa7/Kernel_VADInjector
Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
a7t0fwa7/libllm
a7t0fwa7/LinikatzV2
linikatz is a tool to attack AD on UNIX
a7t0fwa7/Malware_Weaponization
A curated list of tools and techniques written from experience in weaponization of malware
a7t0fwa7/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
a7t0fwa7/Mshikaki
A shellcode injection tool capable of bypassing AMSI. Features the QueueUserAPC() injection technique and supports XOR encryption
a7t0fwa7/noVNC_Kiosk
VNC client web application
a7t0fwa7/Offensive-Reverse-Shell-Cheat-Sheet
Collection of reverse shells for red team operations, penetration testing, and offensive security.
a7t0fwa7/open-interpreter
OpenAI's Code Interpreter in your terminal, running locally.
a7t0fwa7/PME-Scripts
a7t0fwa7/PrivescCheck
Privilege Escalation Enumeration Script for Windows
a7t0fwa7/RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
a7t0fwa7/S4Mapper
a7t0fwa7/TrampHooker
A mechanism that trampoline hooks functions in x86/x64 systems.
a7t0fwa7/VulnerableScanner
This simple tool scans drivers for potential arbitrary writing vulnerabilities using their IAT. This tool was used as part of my Windows rootkit to initially search for vulnerable drivers to exploit (before using CVE database)
a7t0fwa7/Windows-Local-Privilege-Escalation-CheatSheet
Windows Privilege Escalation Methodology
a7t0fwa7/Zero-Import-Malware
Small project looking into how we can build malware with zero-imports by dynamically resolving Windows APIs using GetProcAddress and GetModuleHandle Windows APIs.
a7t0fwa7/KrakenMask
Sleep obfuscation