seahop
Red Teamer. Just out here creating some simple PoCs for red teamy things. Amateur coder. No best practices here.
United States
Pinned Repositories
CPP_XOR
getPIDIntegrity
Injection
mimiRust
All credits to: github.com/ThottySploity/mimiRust (Original author deleted account so I uploaded for community use)
patchETW
Function to patch ETW with syscalls
RemoteProcDLLInject
RemoteShellcodeInjection_XOR
SyscallProcScan
Syscall process scanner
titan
Titan: A generic user defined reflective DLL for Cobalt Strike
seahop's Repositories
seahop/tweetter
Simple Twitter Bot, made with Selenium and JavaScript.
seahop/LdrLockLiberator
For when DLLMain is the only way
seahop/SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
seahop/C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
seahop/arm64_macOS_Syscalls
seahop/Split
Apply a divide and conquer approach to bypass EDRs
seahop/BounceBack
↕️🤫 Stealth redirector for your red team operation security
seahop/LatLoader
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
seahop/odin
odin c2
seahop/moonshine
seahop/Proxycalls
miscellaneous codes
seahop/HeaderLessPE
seahop/NetExec
The Network Execution Tool
seahop/Windows-Internals
Important notes and topics on my journey towards mastering Windows Internals
seahop/KBlast
Windows Kernel Offensive Toolset
seahop/ContainYourself
A PoC of the ContainYourself research presented at DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
seahop/Supernova
Real fucking shellcode encryption tool.
seahop/EDRSandblast-GodFault
EDRSandblast-GodFault
seahop/SimpleEDR
Simple EDR that injects a DLL into a process to place a hook on specific Windows API
seahop/CVE-2023-36874_BOF
Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
seahop/RandomTSScripts
Collection of random RedTeam scripts.
seahop/SharpBlackout
Terminate AV/EDR leveraging BYOVD attack
seahop/CVE-2023-36874
CVE-2023-36874 PoC
seahop/snafflepy
Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
seahop/FuncoPop
Tools for attacking Azure Function Apps
seahop/DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
seahop/NoFilter
seahop/DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
seahop/KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
seahop/DNSleuth
DNSleuth sniffs DNS packets, i.e., allowing you to spy on the DNS queries your machine is making