brucebatman
Interest in offsec & red team engagements, currently unemployed and looking for work. I fork a lot, and I dream in code.
Pinned Repositories
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
AtomLdr
A DLL loader with advanced evasive features
Augustus
Evasive Golang Loader
BatDLLLoader
BatBasic BatDLL BatLoader and injection into a Bat Process.
bin2shellcode
.bin file to shellcode convertor
Blackout
Kill anti-malware protected processes (BYOVD)
BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
Reaper
「💀」Proof of concept on BYOVD attack
RobineC2
C2 that would probably bypass everything since it's so simple, but it has few features other than executing commands and getting info from the victim machine.
brucebatman's Repositories
brucebatman/RobineC2
C2 that would probably bypass everything since it's so simple, but it has few features other than executing commands and getting info from the victim machine.
brucebatman/BatDLLLoader
BatBasic BatDLL BatLoader and injection into a Bat Process.
brucebatman/Reaper
「💀」Proof of concept on BYOVD attack
brucebatman/AtomLdr
A DLL loader with advanced evasive features
brucebatman/Christmas
brucebatman/Cloudflare-Redirector
Just another C2 Redirector using CloudFlare.
brucebatman/Cordyceps
C++ self-Injecting dropper based on various EDR evasion techniques.
brucebatman/etwunhook
Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
brucebatman/ExecIT
Execute shellcode files with rundll32
brucebatman/FormThief
Spoofing desktop login applications with WinForms and WPF
brucebatman/GhostTask
brucebatman/Hooka
Evasive shellcode loader, hooks detector and more
brucebatman/InflativeLoading
Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
brucebatman/Jomungand
Shellcode Loader with memory evasion
brucebatman/KDU
Kernel Driver Utility
brucebatman/Killers
Exploitation of process killer drivers
brucebatman/LdrLibraryEx
A small x64 library to load DLLs into memory.
brucebatman/MaldevAcademyLdr.1
brucebatman/MalwareDevelopment
The projects I'm more confident in while learning MalDev
brucebatman/Mshikaki
A shellcode injection tool showcasing various process injection techniques
brucebatman/MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
brucebatman/OffensivePascal
Pascal Offsec repo for malware dev and red teaming 🚩
brucebatman/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
brucebatman/powerview.py
Just another Powerview alternative
brucebatman/Proxy-DLL-Loads
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
brucebatman/RedTeamHelp
Tools I use on red team engagements and more
brucebatman/RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
brucebatman/SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
brucebatman/Tartarus-TpAllocInject
brucebatman/UnlinkDLL
DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable