Pinned Repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
Bot-Killer
Simple example of how to remove all malware from disk and registry.
Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
File-Unpumper
Simple file unpumper for people who are reversing malware
gargoyle
A memory scanning evasion technique
hidden
🇺🇦 Windows driver with a usermode interface which can hide processes, file-system and registry objects, protect processes, etc.
Huan
Encrypted PE Loader Generator
HVNC
Standalone HVNC Client & Server | Coded in C++ (Modified Tinynuke)
Invoke-ReflectivePEInjection
PowerSploit script updated to work on Windows 10 1803+
th30c0der's Repositories
th30c0der/Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
th30c0der/File-Unpumper
Simple file unpumper for people who are reversing malware
th30c0der/Bitrat-Hvnc-Rat-Remote-Control-Av-Bypass
It is the latest version of the best PC RAT 2022 in the market. It is used by hackers to remotely access their victims.
th30c0der/CE-Extensions
Extensions I've made for Cheat Engine (place in autorun folder)
th30c0der/cheat-engine
Cheat Engine. A development environment focused on modding
th30c0der/CVE-2022-40684
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
th30c0der/CVE-2022-41852
CVE-2022-41852 Proof of Concept (unofficial)
th30c0der/CVE-2023-21823_LPE
CVE-2023-21823 PoC
th30c0der/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
th30c0der/DiamondSorterReleased
Diamond Sorter is an AIO stealer log utility for checking, sorting, and cleaning combolists, stealer log cookies, autofill text data and more
th30c0der/Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
th30c0der/elements
Open Source implementation of advanced blockchain features extending the Bitcoin protocol
th30c0der/google
th30c0der/jsmn
Jsmn is the world's fastest JSON parser/tokenizer. This is the official repo replacing the old one at Bitbucket
th30c0der/json.h
🗄️ single header json parser for C and C++
th30c0der/Libbasicinfostealer
th30c0der/libwebsockets
canonical libwebsockets.org networking library
th30c0der/LPE-cve-2023-29360-
Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
th30c0der/LW-HTTP-BOTNET-BANKING-ANDROID-IOS-WINDOWS-HVNC-RAT-Stealer
th30c0der/Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
th30c0der/mRemoteNG
mRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.
th30c0der/Muck-HTTP-Botnet-Card-Windows-Ios-Android
th30c0der/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
th30c0der/Rc4Encryption
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption
th30c0der/Real-Time-Voice-Cloning
Clone a voice in 5 seconds to generate arbitrary speech in real-time
th30c0der/ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
th30c0der/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
th30c0der/Token-Grabber-Advanced
This is an advanced Discord token grabber which sends you, through a Discord webhook, all account information of the victim, including new features (bio / banner...)
th30c0der/websocketpp
C++ websocket client/server library
th30c0der/whatsapp-viewer
Small tool to display chats from the Android msgstore.db database (crypt12)