C
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
A Meterpreter extension for applying hooks to avoid Windows Defender memory scans
Load and execute COFF files and Cobalt Strike BOFs in-memory
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
A list of all the DLL exports in C:\windows\system32\
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
Small project to generate fake DLLs based on an executable's import table
The BEST DLL Injector Library.
POC of a better implementation of GetProcAddress for ntdll using binary search
A Windows kernel dump C++ parser library with Python 3 bindings.
KaynLdr is a Reflective Loader written in C/ASM
ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
Run an EXE file (PE module) in memory (like an application loader)
A personal collection of Windows CVEs I have turned into exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
The author carried out secondary development on the original author's 池风水 exploitation tool (hereinafter "the tool"), adding fully automatic retrieval of kernel debug module symbol offsets and configuration parameters, optimizations for different exploitation methods, and other features, and resolving compatibility issues across different Windows versions. The tool consists of two parts, an adapter driver and an exploit program, and achieves stable exploitation on any Windows version after Windows 10 19H1, including fully patched systems.
PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
Source code of exploiting windows API for red teaming series
An Open Source Windows DLL Injector With All Known Techniques Available