Pinned Repositories
Admin2Sys
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
Havoc-C2
The Havoc Framework
UUIDRegistryShellcode
Write and Hide each UUID in the char* array of UUIDS shellcode in a registry key value location as REG_SZ (the location could be different from the other), then retrieve them and assemble them in UUIDs char* array shellcode and Run it
WannaBeTrusted
WannaBeTrusted is a Windows utility engineered for privilege escalation by duplicating tokens from highly privileged processes to obtain SYSTEM and TrustedInstaller privileges.
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
xcalibure2's Repositories
xcalibure2/WannaBeTrusted
WannaBeTrusted is a Windows utility engineered for privilege escalation by duplicating tokens from highly privileged processes to obtain SYSTEM and TrustedInstaller privileges.
xcalibure2/.NET_PROFILER_DLL_LOADING
UAC Bypass using .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit is loading a malicious DLL using Task Scheduler (MMC) to bypass UAC and getting admin privileges.
xcalibure2/adPentest
Windows Active DIrectory Pentesting documentation.
xcalibure2/AMSIBypassPatch
This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.
xcalibure2/apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
xcalibure2/awesome-bugbounty-tools
A curated list of various bug bounty tools
xcalibure2/BSQLi-2.0
reverse engineered and improved BSQLi script from Coffinxp
xcalibure2/CerealKiller
.NET deserialization hunter
xcalibure2/ChromeKatz
Dump cookies directly from Chrome process memory
xcalibure2/COMThanasia
A set of programs for analyzing common vulnerabilities in COM
xcalibure2/CVE-2024-21338
Windows AppLocker Driver (appid.sys) LPE
xcalibure2/Disable-TamperProtection
A POC to disable TamperProtection and other Defender / MDE components
xcalibure2/domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
xcalibure2/EDRPrison
Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
xcalibure2/IHxExec
Process injection alternative : inject into a session
xcalibure2/karma_v2
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
xcalibure2/MDE_Enum
xcalibure2/MyMSIAnalyzer
Analyse MSI files for vulnerabilities
xcalibure2/NetExec
The Network Execution Tool
xcalibure2/NetExec-Lab
Lab used for workshop and CTF
xcalibure2/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE
This exploit rebuilds and exploit the CVE-2019-16098 which is in driver Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. Instead of hardcoded base address of Ntoskrnl.exe, I calculated it dynamically and recalulated the fields offsets
xcalibure2/NTLM-Stealer-PDF
xcalibure2/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
xcalibure2/RemoveNATfromWSL
Bridge your WSL instance onto to your network
xcalibure2/rootscan
Speed up your pentest enumeration
xcalibure2/shadow-rs
Windows Kernel Rootkit in Rust
xcalibure2/SharpIncrease
A Tool that aims to evade av with binary padding
xcalibure2/smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
xcalibure2/TrickDump
Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!
xcalibure2/XSSpector
XSSpector: A powerful tool for detecting XSS vulnerabilities in web apps. Advanced detection, customizable payloads, proxy support, and cookie management. Open-source and free to use.