Highlights
- Pro
Lists (5)
Stars
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
This is a Model Context Protocol (MCP) server implemented in Go, providing a tool to analyze Go pprof performance profiles.
killvxk / llvm-msvc-ex
Forked from backengineering/llvm-msvcForked LLVM focused on MSVC Compatibility. This version is designed for windows users
Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
LLVM fork with explicit compatibility with MSVC 2022 features.
A centralized resource for previously documented WDAC bypass techniques
Some simple code to learn about how to access the Windows network stack using polling and \Device\Afd
Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hooks.
Tools for instrumenting Windows Defender's mpengine.dll
Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techniques
A SwiftUI view for dynamically highlighting user input
RottenPotato local privilege escalation from service account to SYSTEM
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
著作《Windows APT Warfare:惡意程式前線戰術指南》各章節技術實作之原始碼內容
A Chrome DevTools Protocol driver for web automation and scraping.
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
一个随手写的微信插件,提供消息防撤回、显示红包转账详情、消息列表操作、头像圆角、毛玻璃模式、多开等功能
UnrealPak 4.27.0 [ Tool ] -extract *.pak files for Unreal Engine 4 [win64]