Pinned Repositories
0cchext
0CCh Windbg extension
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
ACCUConf_PDFs
Slide PDFs for the ACCU conferences
akt
Armadillo Key Tool
Alesense-Antivirus
一款拥有完整交互界面与驱动级拦截能力的开源杀毒软件
AllTools
All reasonably stable tools
AndroidSecurityStudy
安卓应用安全学习
AnotherApexDebug
flexdebug-BETA
Type of Debugger which can be invoked as dll
Windows-Internals
all the fun stuff that windows has to offer
vatsalmasrani's Repositories
vatsalmasrani/Windows-Internals
all the fun stuff that windows has to offer
vatsalmasrani/1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
vatsalmasrani/BookCode
Source code for my books
vatsalmasrani/bypassUAC
基于注册表劫持BypassUAC
vatsalmasrani/ByteDance-HIDS
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
vatsalmasrani/CobaltStrike
CobaltStrike's source code
vatsalmasrani/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION
Support ALL Windows Version
vatsalmasrani/CVE-2020-16938
Bypassing NTFS permissions to read any files as unprivileged user.
vatsalmasrani/CVE-2020-16947
PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)
vatsalmasrani/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
vatsalmasrani/EC_PRO-LAN
Early 2019 - late 2020. R.I.P. CVE-2020-12928 https://h0mbre.github.io/RyzenMaster_CVE/#
vatsalmasrani/EkoParty_Advanced_Fuzzing_Workshop
vatsalmasrani/execute-shellcode-pgext
Postgres Extension to Execute Shellcodes
vatsalmasrani/Fully-Undetectable-Techniques
vatsalmasrani/grab_beacon_config
vatsalmasrani/Il2CppDumper
Unity il2cpp reverse engineer
vatsalmasrani/Kernelhub
Windows 提权漏洞合集,附带编译环境,演示GIF图,漏洞详细信息,可执行文件
vatsalmasrani/ListRDPConnections
C# 读取本机对外RDP连接记录和其他主机对该主机的连接记录,从而在内网渗透中获取更多可通内网网段信息以及定位运维管理人员主机
vatsalmasrani/malware_training_vol1
Materials for Windows Malware Analysis training (volume 1)
vatsalmasrani/masqueradeCmdline
A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
vatsalmasrani/MemScanner
Analyze Windows x64 Kernel Memory Layout
vatsalmasrani/NtCompareSigningLevel-hook
swap the function pointer in NtCompareSigningLevels for undetected driver communication.
vatsalmasrani/PCIBan
A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.
vatsalmasrani/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
vatsalmasrani/Shell_Protect
VM一键加壳/脱壳,全压缩,反调试等
vatsalmasrani/shellcodeloader
shellcodeloader
vatsalmasrani/solorigate_sample_source
Decompile of the Solorwinds "SUNBURST" Trojan associated with Campaign UNC2452 This is the SolarWinds.Orion.Core.BusinessLayer.dll file from the v2019.4.5220-Hotfix5.msp Patch
vatsalmasrani/umap
UEFI bootkit for driver manual mapping
vatsalmasrani/Win_Rootkit
A kernel-mode rootkit with remote control
vatsalmasrani/Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.