Pinned Repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
ADPT
DLL proxying for lazy people
Aggressor-NTFY
Cobalt Strike notifications via NTFY.
Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
AM0N-Eye
arsenal-rs
Rusty Process Injection / Post-Exploitation Techniques
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
avred
Analyse your malware to chirurgicaly obfuscate it
avred-server
an0x03e8's Repositories
an0x03e8/AM0N-Eye
an0x03e8/arsenal-rs
Rusty Process Injection / Post-Exploitation Techniques
an0x03e8/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
an0x03e8/avred-server
an0x03e8/COFFLoader
an0x03e8/ContextMenuHijack
Execute a payload at each right click on a file/folder in the explorer menu for persistence
an0x03e8/CustomEntryPoint
Select any exported function in a dll as the new dll's entry point.
an0x03e8/defender-updatecontrols
an0x03e8/disobeyrecon23.github.io
Workshop slides
an0x03e8/DumpThatLSASS-Bof
Patch Etw and Dump lsass mem
an0x03e8/EDRs
an0x03e8/Fiber
Using fibers to run in-memory code in a different and stealthy way.
an0x03e8/Freeze.rs
Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
an0x03e8/HardHatC2
A c# Command & Control framework
an0x03e8/HeapCrypt
Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
an0x03e8/HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
an0x03e8/Inline-Execute-PE
Execute unmanaged Windows executables in CobaltStrike Beacons
an0x03e8/Limelighter
A tool for generating fake code signing certificates or signing real ones
an0x03e8/mordor-rs
Rusty Hell's Gate / Halo's Gate / Tartarus' Gate and FreshyCalls / SysWhispers1 / SysWhispers2 / SysWhispers3 Library
an0x03e8/Offensive-Rust
an0x03e8/OffensiveRust
Rust Weaponization for Red Team Engagements.
an0x03e8/PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
an0x03e8/PatchlessInlineExecute-Assembly
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
an0x03e8/PersistBOF
A BOF to automate common persistence tasks for red teamers
an0x03e8/ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
an0x03e8/Split
Apply a divide and conquer approach to bypass EDRs
an0x03e8/stealth-win
an0x03e8/ThreadlessInject
Threadless Process Injection using remote function hooking.
an0x03e8/ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
an0x03e8/Win32_Offensive_Cheatsheet
Win32 and Kernel abusing techniques for pentesters