youcannotseemeagain's Stars
netero1010/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Kudaes/Split
Apply a divide and conquer approach to bypass EDRs
gtworek/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
hatRiot/token-priv
Token Privilege Research
weak1337/Alcatraz
x64 binary obfuscator
sashs/Ropper
Display information about files in different file formats and find gadgets to build ROP chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly, ropper uses the awesome Capstone Framework.
Accenture/Spartacus
Spartacus DLL/COM Hijacking Toolkit
MrEmpy/Reaper
「💀」Proof of concept on BYOVD attack
SafeBreach-Labs/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
0xor0ne/awesome-list
Cybersecurity oriented awesome list
daem0nc0re/VectorKernel
PoCs for Kernelmode rootkit techniques research.
frkngksl/NimExec
Fileless Command Execution for Lateral Movement in Nim
OtterHacker/SetProcessInjection
Trevohack/DynastyPersist
A Linux persistence tool!
CheckPointSW/Evasions
The Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Code samples, signature recommendations and countermeasures are also provided within each category for the described techniques.
outflanknl/C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
BlackSnufkin/NovaLdr
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
voukatas/Commander
A command and control (C2) server
NYAN-x-CAT/AsyncRAT-C-Sharp
Open-Source Remote Administration Tool For Windows C# (RAT)
mandiant/speakeasy
Windows kernel and user mode emulation.
NationalSecurityAgency/ghidra
Ghidra is a software reverse engineering (SRE) framework
hacksysteam/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
CyberSecurityUP/Buffer-Overflow-Labs
Practice Labs
chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802
LPE exploit for CVE-2023-36802
Wh04m1001/CVE-2023-36723
iilegacyyii/ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
Dec0ne/DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
Kudaes/EPI
Threadless Process Injection through entry point hijacking
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
antonioCoco/SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts