Pinned Repositories
beepsyscall
An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
grpcssh
A simple reverse ssh/proxy implant PoC for *nix systems.
insomnia
A stage1 DLL loader with sleep obfuscation
LEOPARDSEAL
A simple Linux in-memory .so loader
noWatch
Implant drop-in for EDR testing
PhaseDive
Sleep Obfuscation
remotechrome
Dump Chrome cookies remotely with atexec and CDP
stoplooking
A simple BOF that disables some logging with NtSetInformationProcess
wtsimpersonate_bof
WTSImpersonator BOF port
xyrella
PoC XLL builder in Python/Nim
zimnyaa's Repositories
zimnyaa/noWatch
Implant drop-in for EDR testing
zimnyaa/remotechrome
Dump Chrome cookies remotely with atexec and CDP
zimnyaa/grpcssh
A simple reverse ssh/proxy implant PoC for *nix systems.
zimnyaa/PhaseDive
Sleep Obfuscation
zimnyaa/xyrella
PoC XLL builder in Python/Nim
zimnyaa/insomnia
A stage1 DLL loader with sleep obfuscation
zimnyaa/LEOPARDSEAL
A simple Linux in-memory .so loader
zimnyaa/smbsocks
A simple rpc2socks alternative in pure Go.
zimnyaa/inmembof.py
A small example of loading BOFs in Python with pure reflection
zimnyaa/fiber-stager
A simple Nim stager (w/ fiber execution)
zimnyaa/nim-noload-dll-hollowing
Unused DLL hollowing PoC in Nim
zimnyaa/beepsyscall
An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
zimnyaa/grpc-ssh-socks
A minimal reverse proxy implementation over gRPC
zimnyaa/stoplooking
A simple BOF that disables some logging with NtSetInformationProcess
zimnyaa/nowebshell
A simple bind shell that hijacks TCP connections instead of listening.
zimnyaa/fuse-memload
In-memory ELF loader with libfuse
zimnyaa/nim-lazy-bof
Nim port of sliver's BOF loading approach
zimnyaa/3snake-kinit
A fork of 3snake with kinit support.
zimnyaa/detect-hooks
detect-hooks port for sliver C2
zimnyaa/wtsimpersonate_bof
WTSImpersonator BOF port
zimnyaa/tgtdeleg
connormcgarr/tgtdelegation for use with sliver
zimnyaa/xdvoke
D/Invoke function resolver in Golang
zimnyaa/zimnyaa
zimnyaa/antiantipeb
D/Invoke implementation in Nim