Pinned Repositories
APT-Attack-Simulation
An APT Attack Simulation for APT 29 & Lockbit
atexec-pro
Fileless atexec, no more need for port 445
auto-enum
IDA Plugin to automatically identify and set enums for standard functions
AV_EDR_EPP_Notes
awesome-llvm-security
awesome llvm security [Welcome to PR]
BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
Chrome-App-Bound-Encryption-Decryption
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
CS-AutoPostChain
OPSEC-based CobaltStrike post-exploitation automation chain
DllMainHijacking
Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode
java-memshell-generator
A highly customizable Java memory shell (memshell) generation tool
yjthrstgeragr's Repositories
yjthrstgeragr/SearchAvailableExe
Find usable trusted (whitelisted) executables
yjthrstgeragr/SilentLoad
"Service-less" driver loading
yjthrstgeragr/awesome-llvm-security
awesome llvm security [Welcome to PR]
yjthrstgeragr/Chrome-App-Bound-Encryption-Decryption
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
yjthrstgeragr/auto-enum
IDA Plugin to automatically identify and set enums for standard functions
yjthrstgeragr/libalpc
yjthrstgeragr/DllMainHijacking
Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode
yjthrstgeragr/KExecDD
Admin to Kernel code execution using the KSecDD driver
yjthrstgeragr/RTCore64_Vulnerability
Use RTCore64 to map your driver on windows 11.
yjthrstgeragr/atexec-pro
Fileless atexec, no more need for port 445
yjthrstgeragr/CS-AutoPostChain
OPSEC-based CobaltStrike post-exploitation automation chain
yjthrstgeragr/VX-API
Collection of various malicious functionality to aid in malware development
yjthrstgeragr/AV_EDR_EPP_Notes
yjthrstgeragr/XLL-DROPPER-
XLL DROPPER | Learn to create Native xll Dropper
yjthrstgeragr/new_in_swor
Bypass all static engines, e.g. bypassing QVM and all static engines on VT
yjthrstgeragr/vmprotect-3.5.1
yjthrstgeragr/npcap
Nmap Project's Windows packet capture and transmission library
yjthrstgeragr/Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
yjthrstgeragr/RedGuard
RedGuard is a C2 front flow control tool that can avoid checks by Blue Teams, AVs, and EDRs.
yjthrstgeragr/BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
yjthrstgeragr/ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
yjthrstgeragr/RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
yjthrstgeragr/VDR
Vulnerable driver research tool, result and exploit PoCs
yjthrstgeragr/Learning-EDR-and-EDR_Evasion
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
yjthrstgeragr/SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
yjthrstgeragr/oxgenPdb
A Windows kernel PDB parsing and downloading library that runs purely in kernel mode without any R3 programs.
yjthrstgeragr/APT-Attack-Simulation
An APT Attack Simulation for APT 29 & Lockbit
yjthrstgeragr/stink
Stealer in just a few lines with sending to Server / Telegram / Discord. No dependencies, only built-in libraries.
yjthrstgeragr/java-memshell-generator
A highly customizable Java memory shell (memshell) generation tool
yjthrstgeragr/VMProtect
VMProtect Leaked Source Code