1F Y0U CAN'7 H0DL, Y0U W1LL N0T 8E P00R
FOLIAGE. Experiment on reproducing Obfuscate & Sleep
165schtask-bypass. 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus
74PEBFake. PEBFake(修改PEB 伪装当前进程路径、参数等)
55BlockRDPBrute. [HIPS]RDP(3389)爆破防护
45babysc. 自用的shellcode生成框架
33lm_tools. 横向移动三剑客 ( Lateral movement tools)
30BabyBypass. 看起来叫BabyBypass,实际啥都会记一些
15r0ak. r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
14DesignPatternInC. C语言实现设计模式
11Wechat-Open-More. Wechat PC Open More [PC 微信 多开 Demo]
10SMSBoom. 短信轰炸/短信测压/ | 一个健壮免费的python短信轰炸程序,专门炸坏蛋蛋,百万接口,多线程全自动添加有效接口,支持异步协程百万并发,全免费的短信轰炸工具!!hongkonger开发全网首发!!
7GTA5-Cheat. GTA5 online cheat
6iscsicpl_bypassUAC. UAC bypass for x64 Windows 7 - 11(无弹窗版)
6SharpKatz. Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
5Zenbleed-Chrome-PoC. HTML
4EtwHookDbg. C
3winapiexec. 参数化Win32Api执行
3FPageShift. C++
2520apkhook. 把msf生成的安卓远控附加进普通的app中,并进行加固隐藏特征。可以绕过常见的手机安全管家。
2x86-Code-Virtualizer. x86 Binary Code Virtualization Tool
2APT_Step_Bear_Inject. 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》
2reu_csu_2022. Repo to store files for REU on IoT and Cybersecurity at CSU.
2mfc. C++
212306_Ticket. :rainbow:12306购票/取消订单/退票程序(2018-12-19最新版)
2sysmon-edr. PowerShell
2CTF-Challenge-Source. source code of the topic I designed
2HellsRunPE. RunPE using Hell's Gate technique.
2injection_all. Windows process injection methods
1WeChatMsg. 提取微信聊天记录,将其导出成word文档永久保存,对聊天记录进行分析生成年度聊天报告
1obfus.h. Macro-header for compile-time C obfuscation (tcc, win x86/x64)
1Jomungand. Shellcode Loader with memory evasion
1QQkey_Tool. QQ远程控号&盗号/生成木马/突破空间&邮箱&QQ群/扫码控号/QQkey直取/Clientkey直取/发说说……
1pocs-1. Proof of Concepts (PE, PDF...)
1DRat. 去中心化远程控制工具(Decentralized Remote Administration Tool),通过ENS实现了配置文件分发的去中心化,通过Telegram实现了服务端的去中心化
1RdpThief. Extracting Clear Text Passwords from mstsc.exe using API Hooking.
124h2-nt-exploit. Exploit targeting NT kernel in 24H2 Windows Insider Preview
1CVE-2023-3079. JavaScript
1syscall_api. Assembly
1CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability. Microsoft-Outlook-Remote-Code-Execution-Vulnerability
1CVE-2023-36884-MS-Office-HTML-RCE. MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
1goexec. Windows remote execution multitool
1grimreaper. A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
1cve-2023-29360. Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
12D-Injector. Hiding unsigned DLL inside a signed DLL
1SilentLoad. "Service-less" driver loading
1KernelCallbackTable-Injection-PoC. Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
1uiaccess. 通过System令牌获取UIAccess
1schtask_bypass. 绕过360核晶添加计划任务
1StackCrypt. Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume threads
1HadesLdr. Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
1bimg-shellcode-loader. Go
1gc_impl. 各种垃圾回收算法的实现,C语言版本
1KCTHIJACK. Another Way Of Using kernelcallbacktabel
1-. 逆向工程核心原理리버싱 핵심원리 - 소스 코드 및 실습 예제
1PortBender. TCP Port Redirection Utility
1BootCleanEx. BootClean 增强版(重启删除好用)
1love_mail. 一个适合异地恋,可以发送纪念日提醒、天气变化、天气预报、彩虹屁等信息到邮箱的小脚本
1HVNC. HVNC Client & Server | Coded in C++ (Fixed Tinynuke)
1wsMemShell. 一种全新的内存马
1cool. Golang-Gin 框架写的免杀平台,内置分离、捆绑等多种BypassAV方式。
1