There are no reviews yet. Be the first to send feedback to the community and the maintainers!
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!spawn
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)HOLLOW
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcodeAsmHalosGate
x64 Assembly HalosGate direct System Caller to evade EDR UserLand hookswhereami
Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL's.winx64-InjectAllProcessesMeterpreter-Shellcode
64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.HellsGatePPID
Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe processNobelium-PdfDLRunAesShellcode
A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwnhalosgate-ps
Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processesXSS-Clientside-Attacks
A repository of JavaScript XSS attacks against client browsersxPipe
Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissionsx64win-DynamicNoNull-WinExec-PopCalc-Shellcode
64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Freex64win-AddRdpAdminShellcode
64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"tailorMS-rXSS-Keylogger
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 allows remote attackers to harvest keys pressed via unauthenticated victim clicking malicious URL and typing.StockManagement-XSS-Login-CredHarvester
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 allows remote attackers to harvest login credentials & session cookie via unauthenticated victim clicking malicious URL and entering credentials.gsCMS-CustomJS-Csrf2Xss2Rce
GetSimple CMS Custom JS Plugin Exploit RCE ChainLibreHealth-authRCE
LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the hosting webserver via uploading a maliciously crafted image.CVE-2020-23839
Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login PortalonlineCourseReg-RCE
From 0 to Remote Code Execution - exploit development files for Online Course Registration Web Application RCEBikeRental-FU-RCE
slae64
Repo for SLAE64 ExamGetSimple-SmtpPlugin-CSRF2RCE
GetSimple CMS My SMTP Contact Plugin <= v1.1.1 - CSRF to RCEboku7.github.io
BloghomeRent-SQLi-RCE
House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability allowing remote attackers to execute arbitrary code on the hosting webserver via sending a malicious POST request.fuzzingFTP
Python scripts for fuzzing FTP servers, with percision, over TCPslae32
Repo for all SLAE32 Exam Assignmentsburp-jars
aCal-RCE
Exploit Development files for aCal web application - reflected XSS to RCE.BarracudaDrivev6.5-LocalPrivEsc
Insecure Service File Permissions in bd service in Real Time Logics BarracudaDrive v6.5 allows local attackers to escalate privileges to admin via replacing the bd.exe file and restarting the computer where it will be run as 'LocalSystem' on the next startup automatically.AV_Bypass-Splitter
Splitter script to identify Anti-Virus signature of an executablexdev-templates
Random helpful xdev templatesdomQuestPro-SEH-BOF
Love Open Source and this site? Check out how you can help us