naliferopoulos

naliferopoulos's Stars

• joaoviictorti/RustRedOps

  🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

  Language:Rust1.4k201154

• DosX-dev/obfus.h

  Macro-header for compile-time C obfuscation (tcc, win x86/x64)

  Language:C98517476

• fiddyschmitt/File-Tunnel

  Tunnel TCP connections through a file

  Language:C#908153280

• YuriiCrimson/ExploitGSM

  Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5

  Language:C841109130

• ricardojoserf/NativeDump

  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

  Language:C#5517480

• Ridter/atexec-pro

  Fileless atexec, no more need for port 445

  Language:Python3505343

• EgeBalci/deoptimizer

  Evasion by machine code de-optimization.

  Language:Rust3416122

• klezVirus/DriverJack

  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths

  Language:C++3204048

• trickster0/NamelessC2

  Nameless C2 - A C2 with all its components written in Rust

  Language:Rust2502031

• hasherezade/thread_namecalling

  Process Injection using Thread Name

  Language:C2455033

• trustedsec/The_Shelf

  Retired TrustedSec Capabilities

  Language:Python24224014

• WKL-Sec/LayeredSyscall

  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.

  Language:C2313132

• sotasan/decompiler

  Java Decompiler GUI

  Language:Java2126614

• naksyn/DojoLoader

  Generic PE loader for fast prototyping evasion techniques

  Language:C1896343

• trustedsec/specula

  Language:Python1853419

• susMdT/LoudSunRun

  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven

  Language:C1683126

• jsecurity101/ETWInspector

  Language:C++1543016

• Cobalt-Strike/bof-vs

  A Beacon Object File (BOF) template for Visual Studio

  Language:C++1532120

• ZERODETECTION/MSC_Dropper

  Language:Python1341025

• Octoberfest7/enumhandles_BOF

  Language:C1211016

• CENSUS/ghidra-frida-hook-gen

  Frida hook generator for Ghidra

  Language:Java11113112

• thiagopeixoto/winsos-poc

  A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.

  Language:C++1081025

• jdu2600/EtwTi-FluctuationMonitor

  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections

  Language:C++1053011

• xrombar/flower

  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor

  Language:C96219

• paskalian/WID_LoadLibrary

  Reverse engineering winapi function loadlibrary.

  Language:C++783112

• SECFORCE/SharpASM

  SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.

  Language:C#58309

• BehroozAbbassi/DriverAnalyzer

  A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers (CVE makers!)

  Language:C++543018

• vlinx-io/NativeImageAnalyzer

  GraalVM NativeImage Decompilation/Reverse Tool

  19771

• dzervas/magicentry

  A smol identity provider

  Language:Rust620

• kr0tt/Norka

  Executing shellcode in RWX code caves using thread pools.

  Language:C50