Steve S.

Expert
@0xTriboulet

Allegedly some kind of researcher

Revenant. Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework

390

InlineExecuteEx. A BOF that's a BOF Loader and more

207

Red_Team_Code_Snippets. random code snippets, useful for getting started

123

rdll-rs. A reflective DLL development template for the Rust programming language

121

ai-postex. Proof-of-concept implementation of AI-enabled postex DLLs

94

rssh-rs. Rust

55

T-70. A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system

44

emerald_template. A cmake template for crystal palace

42

scepter-rs. A hacky way of getting cross-arch/platform support in Cobalt Strike

38

T-1. T-1 is a shellcode loader that leverages ML techniques to detect VM environments

37

wiretap-rs. A vibe-coded port of wiretap

34

OffensiveRust. Rust Weaponization for Red Team Engagements.

28

ZeroTotal. A collection of source code, binaries, and compilation scripts designed to bypass detection

26

Abomination. A synergized Visual Studio and Rust development environment

19

athena-reader. A simple speed reading application that supports .txt, .pdf, and image text extraction

17

Cycotic. A python polymorphic engine for C programs

11

dll-rs. Rust template project for DLL development

9

sleepmask-clion. A simple Sleepmask BOF example

8

evading_the_machine. Source code for the worst malware classifier of all time

8

hiding_in_the_trees. evading a random forest classifier

6

binaryninja-ollama. Python

5

iris-rs. Rust

5

crackmes. Reverse engineering crackemes

4

Havoc_3rd_Party_Support. The Havoc Framework. Preserves Revenant and 3rd Party functionality to the maximum extent possible.

4

Drone. Rust

3

r77-rootkit. Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

3

SpawnWith. C++

2

0xdarkvortex-MalwareDevelopment. This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/

2

WindowSpy. WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.

2

angr. Angr experimentation

2

vxlang-page. protector & obfuscator & code virtualizer

1

windows-defender. Malice Windows Defender AntiVirus Plugin

1

NtCreateUserProcess-Post. NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version

1

CreateProcessInternalW-Full. Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post

1
34
Apply