seahop
Red Teamer. Just out here creating some simple PoCs for red teamy things. Amateur coder. No best practices here.
United States
Pinned Repositories
CPP_XOR
getPIDIntegrity
Injection
mimiRust
All credits to: github.com/ThottySploity/mimiRust (the original author deleted their account, so I uploaded it for community use)
patchETW
Function to patch ETW with syscalls
RemoteProcDLLInject
RemoteShellcodeInjection_XOR
SyscallProcScan
Syscall process scanner
titan
Titan: A generic user defined reflective DLL for Cobalt Strike
seahop's Repositories
seahop/AMSI-ETW-Patch
Patch AMSI and ETW
seahop/Awesome_Malware_Techniques
This is a repository of resource about Malware techniques
seahop/CS-501-malware-course-public
seahop/cve
Gather and update all available and newest CVEs with their PoC.
seahop/CVE-2022-33679
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
seahop/CVE-2022-37969
Windows LPE exploit for CVE-2022-37969
seahop/EntropyReducer
Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists
seahop/ErebusGate
ErebusGate for Nim: bypass AV/EDR
seahop/ExecASLR-ekoparty
seahop/HellHall
Performing Indirect Clean Syscalls
seahop/IDLE-Abuse
A method to execute shellcode using RegisterWaitForInputIdle API.
seahop/inline-syscall
Inline syscalls made for MSVC supporting x64 and x86
seahop/laZzzy
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
seahop/LinkedInDumper
Python 3 script to dump company employees from the LinkedIn API
seahop/MacPermissionsKit
The convenience wrapper on macOS permissions API, including Mojave Full Disk Access.
seahop/MemProcFS
MemProcFS
seahop/PatchGuardBypass
Bypassing PatchGuard on modern x64 systems
seahop/PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
seahop/PhoenixC2
Command & Control-Framework created for collaboration in python3
seahop/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
seahop/process-cloning
The Definitive Guide To Process Cloning on Windows
seahop/ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifact watermarking, IOC collection & PE backdooring. You feed it with your implant, it does a lot of sneaky things and spits out an obfuscated executable.
seahop/Revenant
Revenant - A 3rd party agent for Havoc that aims to demonstrate evasion techniques in the context of a C2 framework
seahop/SharpHound4Cobalt
C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
seahop/Shhhloader
Syscall Shellcode Loader (Work in Progress)
seahop/TerraLdr
A Payload Loader Designed With Advanced Evasion Features
seahop/WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model
seahop/zeroimport
ZeroImport is a super-lightweight and easy-to-use C++ library for Windows kernel drivers. It allows you to hide any import in your kernel driver by importing at runtime.
seahop/ZeroThreadKernel
Recursive and arbitrary code execution at kernel-level without a system thread creation
seahop/ZwProcessHollowing
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption