rhakb

rhakb's Stars

• google/fuzzing

  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing

  Language:C++3.5k11330429

• esrrhs/pingtunnel

  Pingtunnel is a tool that send TCP/UDP traffic over ICMP

  Language:Go3.1k760527

• pingc0y/URLFinder

  一款快速、全面、易用的页面信息提取工具，可快速发现和提取页面中的JS、URL和敏感信息。

  Language:Go2.6k23101194

• jmpoep/vmprotect-3.5.1

  Language:C++1.8k3641.2k

• KimJun1010/WeblogicTool

  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）

  1.5k1010106

• chainreactors/gogo

  面向红队的, 高度可控可拓展的自动化引擎

  Language:Go1.4k2653140

• bitsadmin/nopowershell

  PowerShell rebuilt in C# for Red Teaming purposes

  Language:C#963231135

• SafeBreach-Labs/PoolParty

  A set of fully-undetectable process injection techniques abusing Windows Thread Pools

  Language:C++922133128

• xiaogang000/XG_NTAI

  用于Webshell木马免杀、流量加密传输，多多支持star

  723141058

• Idov31/Cronos

  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.

  Language:C5559263

• med0x2e/ExecuteAssembly

  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).

  Language:C++538193107

• alphaSeclab/injection-stuff

  PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts

  501240140

• langsasec/Sign-Sacker

  Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

  Language:Python4856472

• nettitude/SharpSocks

  Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell

  Language:C#47162183

• netero1010/GhostTask

  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

  Language:C4596155

• boku7/spawn

  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.

  Language:C42714069

• hfiref0x/WDExtract

  Extract Windows Defender database from vdm files and unpack it

  Language:C42114461

• N7WEra/BofAllTheThings

  Creating a repository with all public Beacon Object Files (BoFs)

  4098049

• gh0stkey/avList

  avList - 杀软进程对应杀软名称

  Language:JavaScript3949577

• 0xEr3bus/PoolPartyBof

  A beacon object file implementation of PoolParty Process Injection Technique.

  Language:C3145137

• icyguider/LatLoader

  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.

  Language:C++2665231

• 3gstudent/Eventlogedit-evtx--Evolution

  Remove individual lines from Windows XML Event Log (EVTX) files

  Language:C++256221762

• mertdas/RedPersist

  Language:C#2134033

• Pizz33/360QVM_bypass

  通过生成不同hash的ico并写入程序中，实现批量bypass360QVM

  Language:Python2063219

• rememberber/MooInfo

  Visual implementation of OSHI, to view information about the system and hardware.

  Language:Java2047730

• nettitude/Tartarus-TpAllocInject

  Language:C++17210126

• EddieIvan01/rustdesk-hvnc

  HVNC based on RustDesk

  Language:Rust793010

• nothingspecialforu/EvtPsst

  EvtPsst

  Language:C53105

• cream-sec/SharpSocks5

  Tunnellable HTTP/HTTPS socks5 proxy written in C#

  Language:C#264

• evilashz/AddShare

  添加Windows机器网络共享文件夹

  Language:C++720