Pinned Repositories
Cooolis-ms
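Cooolis-ms is a code execution tool that includes a Metasploit Payload Loader, a Cobalt Strike External C2 Loader, and Reflective DLL injection. It is positioned to help code that is about to be executed and contains known signatures evade static detection, helping red team personnel switch more conveniently and quickly from a web container environment to a C2 environment to continue their work.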
financial-freedom
sleepmask_PatchlessHook
Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
jeffchan69's Repositories
jeffchan69/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
jeffchan69/Webshell-loader
ASPX in-memory shellcode execution, bypassing Windows Defender (AV/EDR)
jeffchan69/PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
jeffchan69/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
jeffchan69/CallstackSpoofingPOC
C++ self-Injecting dropper based on various EDR evasion techniques.
jeffchan69/StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
jeffchan69/KrakenMask
Sleep obfuscation
jeffchan69/Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
jeffchan69/ActiveMQ-RCE
ActiveMQ RCE (CVE-2023-46604) exploit tool, written in Go
jeffchan69/noWatch
Implant drop-in for EDR testing
jeffchan69/CVE-2023-46604-ActiveMQ-RCE-pseudoshell
This script leverages CVE-2023-46604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.
jeffchan69/.NetConfigLoader
.net config loader
jeffchan69/exploits-
Repository to store exploits created by Assetnotes Security Research team
jeffchan69/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
jeffchan69/No-Consolation
A BOF that runs unmanaged PEs inline
jeffchan69/LdrLibraryEx
A small x64 library to load DLLs into memory.
jeffchan69/CVE-2023-46604
jeffchan69/CVE-2023-22518
An exploitation tool for Confluence servers that are vulnerable to CVE-2023-22518 (Improper Authorization)
jeffchan69/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE-2023-46604)
jeffchan69/DefenderPathExclusions
Creation and removal of Defender path exclusions and exceptions in C#.
jeffchan69/AMSI-Reaper
jeffchan69/CVE-2023-4966-
CVE-2023-4966 - NetScaler ADC and NetScaler Gateway Memory Leak Exploit
jeffchan69/SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
jeffchan69/CVE-2023-4966
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
jeffchan69/wifi_db
Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes, MGT identities, interesting relations between APs, clients and their probes, WPS information and a global view of all the APs seen.
jeffchan69/GhostTask
jeffchan69/Proxy-DLL-Loads-
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
jeffchan69/gMSADumper
Lists who can read any gMSA password blobs and parses them if the current user has access.
jeffchan69/CVE-2023-22515-Scan
Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence
jeffchan69/CVE-2023-4911
CVE-2023-4911 proof of concept