Pinned Repositories
auto-api-hashing
Fully automate API hashing in any existing projects
C2
A basic C2 framework written in C
clsbombing
A novel process injection technique using tagCLS based on atombombing
ghostwriting-2
A process injection technique using only thread context manipulation
hvnc
A basic performant HVNC implementation
runpe-x64
RunPE adapted for x64 and written in C, does not use RWX
sandbox-detect
Effective cloud sandbox detection from ring 3
sleep-obf
A simple gargoyle-style sleep with memory encryption, implemented for x86 in pure ROP, no APCs involved.
sudo-grabber
Grab passwords entered into su/sudo using LD_PRELOAD hooks
systrace
Bypass usermode hooking, while preserving full stack frame
fern89's Repositories
fern89/C2
A basic C2 framework written in C
fern89/runpe-x64
RunPE adapted for x64 and written in C, does not use RWX
fern89/ghostwriting-2
A process injection technique using only thread context manipulation
fern89/sudo-grabber
Grab passwords entered into su/sudo using LD_PRELOAD hooks
fern89/clsbombing
A novel process injection technique using tagCLS based on atombombing
fern89/hvnc
A basic performant HVNC implementation
fern89/sandbox-detect
Effective cloud sandbox detection from ring 3
fern89/systrace
Bypass usermode hooking, while preserving full stack frame
fern89/sleep-obf
A simple gargoyle-style sleep with memory encryption, implemented for x86 in pure ROP, no APCs involved.
fern89/auto-api-hashing
Fully automate API hashing in any existing projects
fern89/citation-c2
Abusing citation generators as C2
fern89/stocks-dga
Domain generation algorithm based on stock prices
fern89/sysbootstrap
Full IAT unhooking of all ntdll functions called from kernel32
fern89/fern89.github.io
fern89/vulnerabilities
Random vulnerabilities I find