Pinned Repositories
be_shellcode_dump
December 2023 BattlEye shellcode dump
CVE-2023-32629-CVE-2023-2640---POC-Escalation
Ubuntu Privilege Escalation bash one-liner using CVE-2023-32629 & CVE-2023-2640
CVE-2024-1651-PoC
Torrentpier v2.4.1. CVE-2024-1651. Remote Code Execution (RCE).
CVE-2024-9474
PAN-OS auth bypass + RCE
F5-BIG-IP-Scanner
F5 BIG-IP Scanner scans for servers on Shodan and checks whether they are vulnerable.
fridumpX
Parse process memory and grep for juicy information using regex patterns and Frida
kasld
Kernel Address Space Layout Derandomization [ KASLD ] - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing Kernel Address Space Layout Randomization (KASLR).
NVDrv
Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
WindowInjector
Linux Malware creator to attack Windows System via Reverse Shell with FindWindow Process Code Injection
ZeroThreadKernel
Recursive and arbitrary code execution at kernel-level without a system thread creation
zha0's Repositories
zha0/CVE-2024-9474
PAN-OS auth bypass + RCE
zha0/assembly-shell
zha0/binlex
A Binary Genetic Traits Lexer Framework
zha0/BootExecuteEDR
zha0/CVE-2024-24549
Proof of concept for CVE-2024-24549, exploit in Python.
zha0/cve-2024-42327
cve-2024-42327 ZBX-25623
zha0/CVE-2024-46538
based on [EQSTLab](https://github.com/EQSTLab)
zha0/CVE-2024-48990-PoC
PoC for CVE-2024-48990
zha0/CVE-2024-50379
Tomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit
zha0/CVE-2024-53375
TP-Link Archer AXE75 Authenticated Command Injection
zha0/DCOMUploadExec
DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
zha0/emulator
🪅 Windows User Space Emulator
zha0/Exploit-Street
Complete list of LPE exploits for Windows (starting from 2023)
zha0/gocheck
Because AV evasion should be easy.
zha0/GPOHunter
A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities
zha0/Harden-Windows-Security
Harden Windows safely and securely using officially supported Microsoft methods, with proper explanation | Always up to date and works with the latest build of Windows | Provides tools and guides for Personal, Enterprise, Government and Military security levels | Read the rationale: https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
zha0/hwp-extract
A library and cli tool to extract HWP files.
zha0/KrbRelayEx
zha0/ldapx
Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
zha0/nbd
Network Block Device
zha0/NimShellCodeLoader
AV evasion, bypassav, AV evasion framework, nim, shellcode: a shellcode loader written in Nim
zha0/PoCEntraDeviceComplianceBypass
Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
zha0/PowerDACL
A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
zha0/PS-Commands
📚 Large base of PowerShell notes in Russian (Cheat Sheet & Documentation).
zha0/Redeemer-C2
Redeemer C2 is a platform-based C2 written in Rust. It abuses the API platforms of trusted domains for command and control in order to evade malicious-domain inspection, and is a C2 tool focused on persistence.
zha0/Rootkit-2
Collection of codes focused on Linux rootkits
zha0/run-shellcode-in-memory
Runs a shellcode payload in memory by injecting into a process (does not bypass AV).
zha0/RustSoliloquy
A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and indirect NTAPIs for core operations.
zha0/vermilion
Linux post exploitation tool for info gathering and exfiltration 🐧📡💀
zha0/WPTaskScheduler_CVE-2024-49039
WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler