• Stars
    star
    17
  • Rank 1,219,928 (Top 25 %)
  • Language
    C++
  • Created almost 13 years ago
  • Updated almost 13 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Another Portable Executable files analysing stuff

More Repositories

1

Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
PowerShell
2,436
star
2

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
PowerShell
981
star
3

ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
C++
943
star
4

RedWarden

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
Python
863
star
5

ShellcodeFluctuation

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
C++
845
star
6

PackMyPayload

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Python
797
star
7

ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
PowerShell
782
star
8

decode-spam-headers

A script that helps you understand why your E-Mail ended up in Spam
Python
503
star
9

Stracciatella

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
C#
484
star
10

tomcatWarDeployer

Apache Tomcat auto WAR deployment & pwning penetration testing tool.
Python
399
star
11

ElusiveMice

Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
C
394
star
12

UnhookMe

UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malware
C++
338
star
13

SharpWebServer

Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
C#
272
star
14

AzureRT

AzureRT - A Powershell module implementing various Azure Red Team tactics
PowerShell
219
star
15

expdevBadChars

Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
Python
201
star
16

msidump

MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
Python
183
star
17

Exploit-Development-Tools

A bunch of my exploit development helper tools, collected in one place.
Python
141
star
18

RobustPentestMacro

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.
VBScript
140
star
19

VisualBasicObfuscator

Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
Python
128
star
20

msi-shenanigans

Proof of Concept code and samples presenting emerging threat of MSI installer files.
Python
75
star
21

PE-library

Lightweight Portable Executable parsing library and a demo peParser application.
C++
70
star
22

HEVD_Kernel_Exploit

Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
C++
61
star
23

procmon-filters

SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral analysis of testing specimens. Inspired and based on Lenny Zeltser's collection.
58
star
24

PhishingPost

PHP Script intdended to be used during Phishing campaigns as a credentials collector linked to backdoored HTML <form> action parameter
PHP
55
star
25

burpContextAwareFuzzer

BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
Python
39
star
26

CustomXMLPart

A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
VBA
32
star
27

dirbuster

wfuzz, SecLists and john -based dirbusting / forceful browsing script intended to be used during web pentest assingments
Shell
32
star
28

ntfs-journal-viewer

Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.
C
31
star
29

LISET

Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident response (either forensic or malware oriented).
Batchfile
26
star
30

digitalocean-app-redirector

Reverse-HTTP Redirector via DigitalOcean Apps Platform
Python
24
star
31

prc_xchk

User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
C++
17
star
32

RPISEC-MBE-Solutions

Solutions to the RPISEC MBE / Modern Binary Exploitation VM & course.
Python
17
star
33

mgeeky

9
star
34

stegano1

College project implementing some of the compression and image steganographic algorithms.
C++
4
star
35

DISASM

Simple disassembling library (currently only x86)
C++
3
star
36

linux-utils

Some linux utils I've coded and decided to share.
C
2
star
37

Symulacja-Reaktora-Jadrowego

(Polish only) Program przygotowywany na uczelnie w ramach kursu "Symulacje Komputerowe". Przedstawia hipotetyczna prace reaktora jadrowego w roznych stanach i konfiguracjach.
MATLAB
1
star