Stars
PoC Implementation of a fully dynamic call stack spoofer
smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters
Impersonate Tokens using only NTAPI functions
Utility program to perform multiple operations for a given subnet/CIDR ranges.
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
Boilerplate to develop raw and truly Position Independent Code (PIC).
Robust Cobalt Strike shellcode loader with multiple advanced evasion features
ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing, and command & control attacks through an intuitive graphica…
Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
A Meterpreter extension for applying hooks to avoid Windows Defender memory scans
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
A small NtCreateUserProcess PoC that spawns a Command prompt.
Minimal PoC developed as discussed in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html
Achieve arbitrary kernel reads/writes/function calls in Hypervisor-Protected Code Integrity (HVCI) protected environments without admin permissions or kernel drivers.
Some of the presentations, workshops, and labs I gave at public conferences.
Cobalt Strike Reflective Loader with Synthetic Stackframe
Undetectable malware, with AV bypass techniques, anti-disassembly, etc.
A memory-based evasion technique which makes shellcode invisible from process start to end.