Pinned Repositories
Admin2Sys
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
Havoc-C2
The Havoc Framework
UUIDRegistryShellcode
Write and Hide each UUID in the char* array of UUIDS shellcode in a registry key value location as REG_SZ (the location could be different from the other), then retrieve them and assemble them in UUIDs char* array shellcode and Run it
WannaBeTrusted
WannaBeTrusted is a Windows utility engineered for privilege escalation by duplicating tokens from highly privileged processes to obtain SYSTEM and TrustedInstaller privileges.
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
xcalibure2's Repositories
xcalibure2/10000-h1-disclosed-reports
10,000 H1 Disclosed Reports
xcalibure2/ADCSCoercePotato
another technique for coercing machine authentication but specific for ADCS server
xcalibure2/adiskreader
Async Python library to parse local and remote disk images.
xcalibure2/Banshee
Experimental Windows x64 Kernel Rootkit.
xcalibure2/BobTheSmuggler
"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
xcalibure2/Chaos-Rootkit
Now You See Me, Now You Don't
xcalibure2/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
xcalibure2/CVE-2024-23897
Jenkins CVE-2024-23897 Arbitrary file read vulnerability through the CLI can lead to RCE
xcalibure2/cvemap
Navigate the CVE jungle with ease.
xcalibure2/FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modiy and DM if you find some bugs :)
xcalibure2/github_cves_search
Find CVEs associated to Linux and public exploits on github
xcalibure2/GOAD-AD
My Notes about Penetration Testing
xcalibure2/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
xcalibure2/Hide-CobaltStrike
Hide your CobaltStrike PRO
xcalibure2/I-S00N
xcalibure2/ISO27001
Useful templates and working document for implementing ISO 27001 - ISMS
xcalibure2/k0Jsfuzzer
Tool for finding links from client side code
xcalibure2/Locksmith
A small tool built to detect and fix common misconfigurations in Active Directory Certificate Services.
xcalibure2/Moriarty
xcalibure2/MutationGate
Use hardware breakpoint to dynamically change SSN in run-time
xcalibure2/MutationGate2
xcalibure2/openedr
Open EDR public repository
xcalibure2/pwn_jenkins
Notes about attacking Jenkins servers
xcalibure2/Rush-PowerShell-Obfuscator
Simple Obfuscator made for .ps1 files
xcalibure2/RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
xcalibure2/semgrep-rules
A collection of my Semgrep rules to facilitate vulnerability research.
xcalibure2/sicat
The useful exploit finder
xcalibure2/SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
xcalibure2/Venoma
Yet another C++ Cobalt Strike beacon dropper with Ntdll unhooking, PPID spoofing and custom Process hollowing
xcalibure2/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.