• Stars
    star
    9
  • Rank 1,939,727 (Top 39 %)
  • Language
    C++
  • License
    MIT License
  • Created almost 2 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

ETW patches from userMode learned till now

More Repositories

1

DarkWidow

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
C
532
star
2

SharpGmailC2

Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
C#
256
star
3

Learning-EDR-and-EDR_Evasion

I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning path for me.
C++
254
star
4

reveng_rtkit

Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
C
231
star
5

ReflectiveNtdll

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber
C
163
star
6

CheckHooks-n-load

A Windows stager-cum-PELoader focusing Dynamic EDR Evasion, as well as FUD till now (24/02/23), when Operator wants to Know the the Underlying functions Hooks and then craft Implant based on the previous condition.
C++
97
star
7

AMSI-patches-learned-till-now

I have documented all of the AMSI patches that I learned till now
C++
66
star
8

C2_Server

C2 server to connect to a victim machine via reverse shell
Python
49
star
9

DareDevil

Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
C#
37
star
10

reveng_loader

C# loader capable of running stage-1 from remote url, file path as well as file share
C#
14
star
11

Executable_Files

Database for custom made as well as publicly available stage-2 or beacons or stageless payloads, used by loaders/stage-1/stagers, or for further usage of C2 as well
PowerShell
9
star
12

GDB-Cheat-Sheet

8
star
13

VulnCon-WorkShop-Slides

VulnCon WorkShop - Maldev Workshop : Offensive TradeCraft - Syscalls to Stack Spoofing
5
star
14

RemoveFalsePositives

Just a small python script which spits out unsigned char representation for Hooked Underlying Ntapis (Which are False Positives) , for c/cpp Usage
Python
2
star
15

TryHackMe

THM Walkthroughs
PowerShell
2
star
16

HTB

Shell
1
star
17

SSH_Bruter

Bruteforces ssh creds.
Python
1
star
18

Simple_Port_Scanner

Scans Single port as well as Multiple Ports
Python
1
star
19

C-for-Everyone-Programming-Fundamentals

All the topics and concepts of C programming that I have learned so far. The things covered in this repo are all beginner-friendly.
C
1
star
20

reveng007

1
star
21

reveng007.github.io

1
star