Pinned Repositories
2021_Hvv
2021 hw
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AMSI.fail
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
angr
A powerful and user-friendly binary analysis platform!
Antivirus-Artifacts
Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity
AQUARMOURY
My musings in C and offensive tooling
artifacts
Digital Forensics Artifact Repository
artifacts-kit
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
fnsank's Repositories
fnsank/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
fnsank/artifacts-kit
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
fnsank/DInvokeProcessHollowing
fnsank/DotNetExp
fnsank/ElevateKit
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
fnsank/Erebus
CobaltStrike post-exploitation penetration testing plugin
fnsank/Evasor
A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
fnsank/Fermion
Fermion, an electron wrapper for Frida & Monaco.
fnsank/GhostBuild
GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
fnsank/HellsGate
Original C Implementation of the Hell's Gate VX Technique
fnsank/injdrv
Proof-of-concept Windows driver for injecting a DLL into user-mode processes using APC
fnsank/keystone
Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings
fnsank/MemoryModulePP
Modified from MemoryModule. Supports exceptions.
fnsank/NET-Obfuscate
Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
fnsank/Nt-Modules
Collect different versions of Crucial modules.
fnsank/Poison-Ivy-Reload
Poison Ivy Remote administrator tool Reload
fnsank/process_doppelganging
My implementation of enSilo's Process Doppelganging (PE injection technique)
fnsank/RedPeanut
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
fnsank/Run-in-Sandbox
Run PS1, VBS, EXE, MSI in Windows Sandbox very quickly just from a right-click
fnsank/Sharp-Suite
My musings with C#
fnsank/SharpHellsGate
C# Implementation of the Hell's Gate VX Technique
fnsank/SilkETW
fnsank/SNETCracker
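The Super Weak Password Checker is a weak-password auditing tool for the Windows platform. It supports batch, multithreaded checking and can quickly find weak passwords and accounts with weak passwords. Passwords can be checked in combination with usernames, which greatly improves the success rate, and custom service ports and dictionaries are supported.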
fnsank/Telemetry
Persistence via Windows Telemetry
fnsank/TikiTorch
Process Injection
fnsank/UAC-SilentClean
New UAC bypass for Silent Cleanup for CobaltStrike
fnsank/umap
UEFI bootkit for driver manual mapping
fnsank/UnhookingPOC
A small commented POC for removing API hooks placed by AV/EDR.
fnsank/Virtuailor
IDAPython tool for creating automatic C++ virtual tables in IDA Pro
fnsank/WMIHACKER
A Bypass Anti-virus Software Lateral Movement Command Execution Tool