plackyhacker
I am me... just an amateur malware developer. If you use my code, don't be naughty, keep it legal!!!
Pinned Repositories
CmdLineSpoofer
How to spoof the command line when spawning a new process from C#.
DynamicEarlyBird
An example of using Dynamic Invoke to Inject Shellcode using the Early Bird Method.
Peruns-Fart
Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
ps-encoder
A very simple Python script to encode and decode PowerShell one-liners.
SandboxDefender
C# code to Sandbox Defender (and most probably other AV/EDRs).
Shellcode-Encryptor
A simple shellcode encryptor/decryptor/executor to bypass antivirus.
Shellcode-Injection-Techniques
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.
Suspended-Thread-Injection
Another meterpreter injection technique using C# that attempts to bypass Defender
Sys-Calls
An example of using Syscalls in C# to get a meterpreter shell.
Unhook-BitDefender
Unhooks Bitdefender from NTDLL and KERNELBASE using a classic technique.
plackyhacker's Repositories
plackyhacker/Shellcode-Encryptor
A simple shellcode encryptor/decryptor/executor to bypass antivirus.
plackyhacker/Shellcode-Injection-Techniques
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.
plackyhacker/Suspended-Thread-Injection
Another meterpreter injection technique using C# that attempts to bypass Defender
plackyhacker/SandboxDefender
C# code to Sandbox Defender (and most probably other AV/EDRs).
plackyhacker/Sys-Calls
An example of using Syscalls in C# to get a meterpreter shell.
plackyhacker/Peruns-Fart
Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
plackyhacker/CmdLineSpoofer
How to spoof the command line when spawning a new process from C#.
plackyhacker/Unhook-BitDefender
Unhooks Bitdefender from NTDLL and KERNELBASE using a classic technique.
plackyhacker/ps-encoder
A very simple Python script to encode and decode PowerShell one-liners.
plackyhacker/AMSI-Bypass
Another AMSI bypass - but in C++.
plackyhacker/PowerGhost
A custom run space to bypass AMSI and Constrained Language mode in PowerShell.
plackyhacker/Malicious-KeePass-Plugin
A malicious KeePass plugin to exfiltrate the master key.
plackyhacker/DynamicEarlyBird
An example of using Dynamic Invoke to Inject Shellcode using the Early Bird Method.
plackyhacker/misc-scripts
Miscellaneous Scripts
plackyhacker/OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
plackyhacker/Enumeration
Some .NET assemblies used to enumerate a host. Best when they are loaded into memory.
plackyhacker/plackyhacker.github.io
plackyhacker/HEVD
My exploits for the HackSys Vulnerable Driver Project
plackyhacker/SecureCode1
Python exploit for the VulnHub OSWE practice box 'SecureCode1'
plackyhacker/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
plackyhacker/Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
plackyhacker/marra
Marra
plackyhacker/Sliver-Extension-Template
A Sliver Extension Template
plackyhacker/code_caver
Python-based WinDbg script to automate the search for code caves in binaries and libraries.
plackyhacker/CVE-2021-3493
Ubuntu OverlayFS Local Privesc
plackyhacker/Device-Security-Guidance-Configuration-Packs
This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These configurations are aimed primarily at government and other medium/large organisations.
plackyhacker/LAPSDumper
Dumping LAPS from Python
plackyhacker/passwordstate-decryptor
PowerShell script that decrypts password entries from a Passwordstate server.
plackyhacker/PowerSharpPack
plackyhacker/RazorVulnerableApp
DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SSTI). For training and testing purposes.