-
NET Tools for CI CD pipelining use case!
MIT License Updated Mar 31, 2025
-
I have documented all of the AMSI patches that I learned till now
-
DarkWidow Public
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…
-
Certipy-merged-with-esc15 Public
Forked from Deloitte-OffSecResearch/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
Python MIT License Updated Feb 12, 2025
-
Executable_Files Public
Database for custom made as well as publicly available stage-2 or beacons or stageless payloads, used by loaders/stage-1/stagers, or for further usage of C2 as well
-
bloodyAD Public
Forked from CravateRouge/bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
Python MIT License Updated Jan 24, 2025
-
BEAR Public
Forked from S3N4T0R-0X0/BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …
-
CPTS-cheatsheet Public
Forked from zagnox/CPTS-cheatsheet
HackTheBox Certified Penetration Tester Specialist Cheatsheet
1 Updated Jul 10, 2024
-
VulnCon-WorkShop-Slides Public
VulnCon WorkShop - Maldev Workshop : Offensive TradeCraft - Syscalls to Stack Spoofing
-
windows-security-internals-jforsaw Public
Forked from tyranid/windows-security-internals
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
PowerShell Apache License 2.0 Updated Mar 29, 2024
-
MiniDumpFS Public
Forked from dru1d-foofus/MiniDumpFS
Parse minidump files from system memory dumps using Ulf Frisk's vmm library
C GNU Affero General Public License v3.0 Updated Mar 13, 2024
-
.NetConfigLoader-MA Public
Forked from Mr-Un1k0d3r/.NetConfigLoader
.net config loader
1 Updated Jan 2, 2024
-
Tartarus-TpAllocInject Public
Forked from nettitude/Tartarus-TpAllocInject
-
Jomungand-HWBP-MemScanEvade Public
Forked from dannymas/Jomungand
Shellcode Loader with memory evasion
-
dploot-PostExp.py Public
Forked from zblurx/dploot
DPAPI looting remotely in Python
Python MIT License Updated Sep 30, 2023
-
Cronos-MemoryScanEvasion Public
Forked from Idov31/Cronos
PoC for a new sleep obfuscation technique leveraging waitable timers to evade memory scanners.
C GNU General Public License v3.0 Updated Sep 26, 2023
-
reveng_rtkit Public
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
-
RemoveFalsePositives Public
Just a small Python script which spits out unsigned char representation for Hooked Underlying Ntapis (which are False Positives), for C/C++ usage
-
Learning-EDR-and-EDR_Evasion Public
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
-
ETW patches from userMode learned till now
-
AQUARMOURY Public
Forked from pparaujo/AQUARMOURY
My musings in C and offensive tooling
-
DetectCobaltStomp Public
Forked from yusufqk/DetectCobaltStomp
Detects Module Stomping as implemented by Cobalt Strike
C GNU General Public License v2.0 Updated Jul 13, 2023
-
Windows-Internals Public
Forked from Faran-17/Windows-Internals
Important notes and topics on my journey towards mastering Windows Internals