Goodshit
🎧 Open source music streaming app! Available for both desktop & mobile!
Chrome browser extension-based Command & Control
Astral-PE is a low-level mutator (Headers/EP obfuscator) for native Windows PE files (x32/x64)
Adversary simulation and Red teaming platform with AI
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.
Various tips & tricks
Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
Weaponizing DCOM for NTLM Authentication Coercions
Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
Rusty Reflective DLL Injection - A small reflective loader in Rust 4KB in size
Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.
「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…
Robust Cobalt Strike shellcode loader with multiple advanced evasion features
Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
🔥📜 Forbidden collection of Red Team sorcery 📜🔥
Attacking the cleanup_module function of a kernel module
ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.