Pinned Repositories
3vilGu4rd
This is a daemon process which keeps a program running all the time.
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
exploit-db
exploit-db
flare-vm
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
malware-analysis
malware-analysis
malware-development
malware-development
reloc2
low level reverse engineer
reloc2's Repositories
reloc2/reloc2
low level reverse engineer
reloc2/uacm-dev
Defeating Windows User Account Control
reloc2/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
reloc2/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
reloc2/APT_REPORT
Interesting APT Report Collection And Some Special IOC
reloc2/AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
reloc2/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
reloc2/exploit-db
exploit-db
reloc2/flare-vm
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
reloc2/malware-analysis
malware-analysis
reloc2/malware-development
malware-development
reloc2/atomic-red-team-dev
Small and highly portable detection tests based on MITRE's ATT&CK.
reloc2/CAudit
Scanner for centralized-authority infrastructure
reloc2/cf
Cloud exploitation framework, mainly intended to make follow-up work easier for red team members after they have obtained an AK.
reloc2/ChromeKatz-dev
Dump cookies directly from Chrome process memory
reloc2/cobalt-strike-beacon-dev
not a reverse-engineered version of the Cobalt Strike Beacon
reloc2/EDRSandblast
reloc2/EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
reloc2/go-exploit-dev
A Go-based Exploit Framework
reloc2/no-defender-dev
https://mp.weixin.qq.com/s/w_om7lX3czwNT0iohtF1AQ
reloc2/osmedeus
A Workflow Engine for Offensive Security
reloc2/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
reloc2/PPLrevenant
Bypass LSA protection using the BYODLL technique
reloc2/Quasar-dev
Remote Administration Tool for Windows
reloc2/Rat-winos4.0-gh0st
Collected and open-sourced source code of antivirus-evading remote access trojans (Silver Fox, winos, Big Grey Wolf, gh0st) Rat
reloc2/rust-dev
rust dev
reloc2/shadow-rs
Windows Kernel Rootkit in Rust
reloc2/syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
reloc2/WindowsDowndate-dev
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
reloc2/x64dbg-xfg-marker
An x64dbg plugin which marks XFG call signatures as data