Pinned Repositories
Artillery
CIA UAC bypass implementation that utilizes an elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
CPU-X
CPU-X is Free software that gathers information on CPU, motherboard and more.
Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
DLLHijackingScanner
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
Micro-Capstone-Engine-API-Documentation
This is an unofficial Capstone Disassembly Engine API document by kabeor
OSED
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
PlugIn
Plugin
SppExtComObjHook
WinAPI-Tricks
windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
jilvan1234's Repositories
jilvan1234/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
jilvan1234/Artillery
CIA UAC bypass implementation that utilizes an elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
jilvan1234/OSED
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
jilvan1234/AndroidDriveSignity
AndroidDriveSignity is a Python utility designed to bypass driver signature verification in the Android kernel (ARMv8.3), facilitating the loading of custom drivers.
jilvan1234/Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
jilvan1234/CVE-2023-25136
OpenSSH Pre-Auth Double Free CVE-2023-25136 POC
jilvan1234/CVE-2023-28229
jilvan1234/CVE-2023-29336
jilvan1234/CVE-2023-3079
jilvan1234/CVE-2023-36874
jilvan1234/CVE-2023-36874_BOF
Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
jilvan1234/CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
jilvan1234/CVE-2024-30088
jilvan1234/CVE-2024-38077
RCE caused by a heap overflow in RDL
jilvan1234/CVE-2024-38077-POC
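Pseudocode, kept as a backup, not original work; please follow the original author. The vulnerability's author has published the first analysis article: https://sites.google.com/site/zhiniangpeng/blogs/MadLicense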
jilvan1234/decrypt-chrome-passwords
jilvan1234/EATGuard
Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
jilvan1234/EvilSln
A New Exploitation Technique for Visual Studio Projects
jilvan1234/HITCON-2023-Demo-CVE-2023-20562
jilvan1234/MagicSigner
Signtool for expired certificates
jilvan1234/Medusa
Radical Windows ARK
jilvan1234/micore
It is mainly the implementation of user-level functions in the kernel on the Windows platform.
jilvan1234/PyWxDump
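Retrieves WeChat account information (nickname/account/phone/email/database key/wxid); PC WeChat database reading and decryption scripts; chat history viewer; exports chat history to HTML (including voice messages and images). Supports retrieving information for multiple accounts and supports all WeChat versions.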
jilvan1234/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
jilvan1234/SupplyChainAttacks
jilvan1234/vmprotect-3.5.1
jilvan1234/VMProtect-Source
jilvan1234/windows_x64_shellcode_template
An easily modifiable shellcode template for Windows x64 written in C
jilvan1234/wow64ext
Another wow64ext to try to be compatible with WOW64 for all architectures.
jilvan1234/Xiaomi-BootLoader-Questionnaire
Xiaomi BootLoader "Unlock Eligibility Quiz" update log