allanp0e1

allanp0e1's Stars

• SilentVoid13/Silent_Log

  dead simple single-header library to display some colored log messages

  Language:C5

• SilentVoid13/Silent_Packer

  An ELF / PE binary packer written in pure C, made for fun

  Language:C8014

• janoglezcampos/llvm-yx-callobfuscator

  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

  Language:C25830

• securifybv/Visual-Studio-BOF-template

  A Visual Studio template used to create Cobalt Strike BOFs

  Language:C28353

• securifybv/BOFRyptor

  Language:Assembly11819

• blue0x1/uac-bypass-oneliners

  Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.

  8510

• retep998/winapi-rs

  Rust bindings to Windows API

  Language:Rust1.8k392

• kkent030315/anycall

  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

  Language:C++22459

• EvilGreys/Hide-CobaltStrike

  Hide your CobaltStrike PRO

  15623

• iilegacyyii/ThreadlessInject-BOF

  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.

  Language:C36752

• nasbench/Misc-Research

  A collection of tools, scripts and personal research

  Language:Python11216

• lsecqt/OffensiveCpp

  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.

  Language:C++63869

• WithSecureLabs/ModuleStomping

  https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/

  Language:C++11324

• SafeBreach-Labs/pinjectra

  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)

  Language:C++791157

• boku7/Ninja_UUID_Runner

  Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!

  Language:C43386

• kyleavery/AceLdr

  Cobalt Strike UDRL for memory scanner evasion.

  Language:C877160

• cr-0w/maldev

  ⚠️ malware development

  Language:C46056

• forrest-orr/moneta

  Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

  Language:C++68482

• bytecode77/r77-rootkit

  Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

  Language:C1.7k398

• VioletGiraffe/cppcheck-vs-addin

  Visual Studio integration for cppcheck, an open-source static code analyzer for C++

  Language:C#41386

• CppCon/CppCon2022

  Slides and other materials from CppCon 2022

  52655

• QBouts/BitsOfQ

  Code from the BitsOfQ youtube channel

  Language:C++446

• zyantific/zydis

  Fast and lightweight x86/x86-64 disassembler and code generation library

  Language:C3.5k439

• D4stiny/ExceptionOrientedProgramming

  Abusing exceptions for code execution.

  Language:C10615

• maliciousgroup/RDI-SRDI

  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".

  Language:C758

• elastic/protections-artifacts

  Elastic Security detection content for Endpoint

  Language:YARA1k118

• Tylous/SourcePoint

  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

  Language:Go1k154

• Idov31/Nidhogg

  Nidhogg is an all-in-one simple to use windows kernel rootkit.

  Language:C++1.8k265

• Idov31/Cronos

  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.

  Language:C56363

• netspooky/scare

  A multi-arch assembly REPL and emulator for your command line.

  Language:Python30514