Pinned Repositories
Cooolis-ms
Cooolis-ms is a code-execution tool that bundles a Metasploit Payload Loader, a Cobalt Strike External C2 Loader and Reflective DLL injection. Its purpose is to evade static detection of the signature-bearing code that is about to be executed, helping red teamers pivot more quickly and conveniently from a web-container environment into a C2 environment to continue their work.
financial-freedom
sleepmask_PatchlessHook
Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
jeffchan69's Repositories
jeffchan69/bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
jeffchan69/BobTheSmuggler
"Bob the Smuggler": a tool that leverages the HTML Smuggling attack and lets you create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into a 7z/zip archive, XOR-encrypts the archive, and then hides it inside a PNG/GIF image file (image polyglot).
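The description above outlines a three-step pipeline (archive, XOR, append to an image). The following is an added example, written for this page and not taken from BobTheSmuggler, that builds such a PNG/zip polyglot and then shows the defensive counterpart a practitioner would want: walk the PNG chunk structure to find data trailing the IEND chunk, and brute-force a single-byte XOR key by looking for the zip local-file-header magic. The 1x1 PNG, the payload bytes, the file name `tool.exe` and the key `0x5a` are all constructed here for the example; the HTML/JavaScript delivery wrapper is not reproduced.

```python
import io
import struct
import zipfile
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
ZIP_MAGIC = b"PK\x03\x04"  # zip local file header signature


def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Encode one PNG chunk: length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def minimal_png() -> bytes:
    """A valid 1x1 8-bit grayscale PNG, constructed in code so the example runs offline."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # width, height, depth, color type, ...
    scanline = b"\x00\x00"  # filter byte + one gray pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(scanline)) + _chunk(b"IEND", b"")


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR (same function encrypts and decrypts)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def build_polyglot(payload: bytes, name: str, key: bytes) -> bytes:
    """Zip the payload, XOR the archive, append it after the PNG's IEND chunk.

    PNG decoders stop at IEND, so the image still renders; the tail is the hidden archive.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return minimal_png() + xor_bytes(buf.getvalue(), key)


def trailing_after_iend(blob: bytes):
    """Return the bytes following the IEND chunk, b'' if none, None if not a well-formed PNG.

    Walks the chunk list instead of searching for the string 'IEND', which could
    legitimately appear inside compressed image data.
    """
    if not blob.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(blob):
        (length,) = struct.unpack(">I", blob[pos:pos + 4])
        ctype = blob[pos + 4:pos + 8]
        pos += 12 + length  # 4 length + 4 type + data + 4 crc
        if ctype == b"IEND":
            return blob[pos:]
    return None


def recover_single_byte_xor(tail: bytes):
    """Try all 256 single-byte keys; return (key, plaintext) when the result starts with a zip header.

    Limitation (deliberate, for the example): only single-byte keys are searched. A longer key
    would need a known-plaintext attack using the 4-byte zip magic plus the fixed header layout.
    """
    for k in range(256):
        candidate = bytes(b ^ k for b in tail)
        if candidate.startswith(ZIP_MAGIC):
            return k, candidate
    return None


def extract_file(zip_bytes: bytes, name: str) -> bytes:
    """Read one member out of an in-memory zip archive."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(name)


def analyze_image(blob: bytes):
    """End-to-end check: trailing data present? XOR key recoverable? Which files are inside?"""
    tail = trailing_after_iend(blob)
    if not tail:
        return {"trailing_bytes": 0, "key": None, "members": []}
    found = recover_single_byte_xor(tail)
    if found is None:
        return {"trailing_bytes": len(tail), "key": None, "members": []}
    key, plain = found
    with zipfile.ZipFile(io.BytesIO(plain)) as zf:
        return {"trailing_bytes": len(tail), "key": key, "members": zf.namelist()}


if __name__ == "__main__":
    # Constructed sample payload; a real loader would carry an actual EXE/DLL here.
    sample = build_polyglot(b"MZ fake payload bytes", "tool.exe", b"\x5a")
    print(analyze_image(sample))
```

The scan logic is the part worth keeping: a clean PNG returns zero trailing bytes, while any image carrying data after IEND is suspicious regardless of whether the XOR key is recovered.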
jeffchan69/Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
jeffchan69/CVE-2023-36003-POC
Privilege escalation using the XAML diagnostics API (CVE-2023-36003)
jeffchan69/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
jeffchan69/CVE-2024-24576-PoC
Example use case for CVE-2024-24576.
jeffchan69/CVE-2024-3400
CVE-2024-3400: OS command injection in Palo Alto Networks PAN-OS
jeffchan69/DynamicDotNet
A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
jeffchan69/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
jeffchan69/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
jeffchan69/EDRNoiseMaker
Detect WFP filters blocking EDR communications
jeffchan69/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to their server.
jeffchan69/eop
The Elevation of Privilege Threat Modeling Game
jeffchan69/EternelSuspention
A simple PoC showing that an administrator can suspend an EDR's protected processes, rendering it useless.
jeffchan69/frida-interception-and-unpinning
Frida scripts to directly MitM all HTTPS traffic from a target mobile application
jeffchan69/FullBypass
A tool that bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM me if you find any bugs :)
jeffchan69/GamingServiceEoP
jeffchan69/garble
Obfuscate Go builds
jeffchan69/gcp_scanner
A comprehensive scanner for Google Cloud
jeffchan69/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
jeffchan69/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
jeffchan69/mortar
Evasion technique to defeat and divert the detection and prevention capabilities of security products (AV/EDR/XDR)
jeffchan69/MutationGate
Uses a hardware breakpoint to dynamically change the SSN (system service number) at run time
jeffchan69/Mythic
A collaborative, multi-platform, red teaming framework
jeffchan69/POC
Vulnerability roundup from the 2023 HW (护网) exercise: collected exploit/POC code, most of it sourced from the internet; currently more than 100 POCs/exploits.
jeffchan69/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
jeffchan69/ScoutSuite
Multi-Cloud Security Auditing Tool
jeffchan69/SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
jeffchan69/Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
jeffchan69/SuperSharpShares
SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your associated domain account.