Pinned Repositories
Block_Smartscreen_and_Security_Center_on_Windows_Operating_Systems
Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems
DPAPI
Information stored in applications is decrypted using DPAPI. In this way, attacker passwords may be captured. For use in attack scenarios, two applications written in Python language have been developed that steal the information stored in internet browsers: 1-Browser Stealer, 2-Browser Stealer Report
Ghost
"Ghost (RAT)" -> Reverse shell and management console for Windows
gngr_local_keylogger_for_windows
(On 06/04/2021) Local Keylogger software has been made for the latest up-to-date "Windows 7, 8 and 10" operatings systems. It managed to circumvent the "Windows Defender" program.
Gngr_network_tools
It is a tool for Windows operating systems that offer features such as "Show interface, Port scanner, network scanner, tracing route to ip, show registered wi-fi(s) and password"
HtmlSmuggling
HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF
JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
Process_Monitoring_Tools
It is a program written in Python3 in order to facilitate process analysis and to easily access Windows process tools. In this way, it facilitates malware analysis processes. In addition, processes running in the background can be detected. After the program is started, it continues to run in the background. Afterwards, the tools can be accessed on the system tray.
Shodan_Search
Based on the Shodan API, it displays the open ports and security vulnerabilities of the server related to the entered ip or hostname.
ZIPtoMalware
It embeds the executable file or payload inside the zip/rar file. It can use two different methods. The first method embeds the executable or payload in the zip/rar file without any action. In this way, it can be triggered and run by documents in the compressed file or in the same folder. The second method encrypts the executable file or payload and it also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime. Both methods do not damage the rar/zip file. It is not detected by users. However, the first method can be detected by the antivirus depending on the code embedded.
abdulkadir-gungor's Repositories
abdulkadir-gungor/JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
abdulkadir-gungor/HtmlSmuggling
HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF
abdulkadir-gungor/ZIPtoMalware
It embeds the executable file or payload inside the zip/rar file. It can use two different methods. The first method embeds the executable or payload in the zip/rar file without any action. In this way, it can be triggered and run by documents in the compressed file or in the same folder. The second method encrypts the executable file or payload and it also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime. Both methods do not damage the rar/zip file. It is not detected by users. However, the first method can be detected by the antivirus depending on the code embedded.
abdulkadir-gungor/Ghost
"Ghost (RAT)" -> Reverse shell and management console for Windows
abdulkadir-gungor/Shodan_Search
Based on the Shodan API, it displays the open ports and security vulnerabilities of the server related to the entered ip or hostname.
abdulkadir-gungor/Block_Smartscreen_and_Security_Center_on_Windows_Operating_Systems
Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems
abdulkadir-gungor/gngr_local_keylogger_for_windows
(On 06/04/2021) Local Keylogger software has been made for the latest up-to-date "Windows 7, 8 and 10" operatings systems. It managed to circumvent the "Windows Defender" program.
abdulkadir-gungor/Gngr_network_tools
It is a tool for Windows operating systems that offer features such as "Show interface, Port scanner, network scanner, tracing route to ip, show registered wi-fi(s) and password"
abdulkadir-gungor/Process_Monitoring_Tools
It is a program written in Python3 in order to facilitate process analysis and to easily access Windows process tools. In this way, it facilitates malware analysis processes. In addition, processes running in the background can be detected. After the program is started, it continues to run in the background. Afterwards, the tools can be accessed on the system tray.
abdulkadir-gungor/DPAPI
Information stored in applications is decrypted using DPAPI. In this way, attacker passwords may be captured. For use in attack scenarios, two applications written in Python language have been developed that steal the information stored in internet browsers: 1-Browser Stealer, 2-Browser Stealer Report
abdulkadir-gungor/Gngr_remote_keylogger
(On 09/04/2021) Remote Keylogger software has been made for the latest up-to-date "Windows 7, 8 and 10" operatings systems. It managed to circumvent the "Windows Defender" program.
abdulkadir-gungor/PSSW100AVB
A list of useful Powershell scripts with 100% AV bypass (At the time of publication).
abdulkadir-gungor/python_smtp
Sending email with python via smtp protocol
abdulkadir-gungor/Gngr_proxy_harvester
It checks the free proxy addresses it collects from websites and saves the working proxy addresses to the file.
abdulkadir-gungor/Gngr_requests
Allows creating and tracking http and https protocol calls. It also supports Proxy.
abdulkadir-gungor/SQLite3
It is a github directory that covers projects such as sqlite3 database usage, operation and recovery of deleted data using Python language.
abdulkadir-gungor/Simple_Malware_Analysis_For_Documents
"Simple Malware Analysis For Documents"<Language:English>It helps you to analyze in document type files. </Language:English><Language:Turkish>Doküman türü dosyalarda analiz yapmanıza yardımcı olur.</Language:Turkish>
abdulkadir-gungor/File_Research_Library
"File Research Library" <Language:English>It helps you examine document type files.</Language:English><Language:Turkish>Doküman türü dosyaları incelemenize yardımcı olur.</Language:Turkish>
abdulkadir-gungor/Linux_Binary_For_Malware_Analysis
"Linux Binary For Malware Analysis" eğitim amacıyla oluşturulmuştur.
abdulkadir-gungor/Scapy_Library_For_Wifi
"Scapy Library For Wifi" (Eğitim amacıyla) Scapy Kütüphanesindeki fonksiyonları kullanan WiFi bağlantısına yönelik betik kodlardır. Kullanılmak amacıyla kendi kütüphane fonksiyonları oluşturulmuştur. Kali linux işletim sisteminde kullanılmak için geliştirilmiştir.
abdulkadir-gungor/abdulkadir-gungor
Config files for my GitHub profile.