ilbaroni's Repositories
ilbaroni/ADModule
Microsoft signed ActiveDirectory PowerShell module
ilbaroni/AmsiPEBWalkVBAx64
ilbaroni/AmsiScanBufferBypass
Circumvent AMSI by patching AmsiScanBuffer
ilbaroni/aplib
Module for decompressing aPLib compressed data
ilbaroni/bluekeep-1
Public work for CVE-2019-0708
ilbaroni/brieflz
Small fast Lempel-Ziv compression library
ilbaroni/CJMCU_ATMEGA32U4_BADUSB
A simple guide of how to use a BADUSB clone to work with rubber ducky scripts
ilbaroni/CSCWCNG-fake-dll
ilbaroni/CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
ilbaroni/DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
ilbaroni/defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
ilbaroni/demiguise
HTA encryption tool for RedTeams
ilbaroni/emotet_network_protocol
ilbaroni/game-hacking
Tutorials, tools, and more as related to reverse engineering video games.
ilbaroni/Hob0Rules
Password cracking rules for Hashcat based on statistics and industry patterns
ilbaroni/ISFB_Tools
List of tools to assist in analyzing samples of ISFB/Gozi/Ursnif
ilbaroni/librho
ilbaroni/linux-exploitation-course
A Course on Intermediate Level Linux Exploitation
ilbaroni/MaliciousMacroMSBuild
Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
ilbaroni/Malware-Analysis-Training
Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.
ilbaroni/NDSEventTool.nds
Mystery gift injector for Nintendo DS (NDS)
ilbaroni/PE-Dump-Fixer
PE-Dump-Fixer
ilbaroni/ppdump-public
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode
ilbaroni/pylzmat
Bindings for LZMAT library.
ilbaroni/RunPE-In-Memory
Run a Exe File (PE Module) in memory (like what Software Packer Do)
ilbaroni/SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
ilbaroni/SysWhispers
AV/EDR evasion via direct system calls.
ilbaroni/TRunPE
A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original entrypoint.
ilbaroni/VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
ilbaroni/zloader_c2_comms
A companion to the blog post for C2 comms