There are no reviews yet. Be the first to send feedback to the community and the maintainers!
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashingSharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocolLearning-EDR-and-EDR_Evasion
I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning path for me.reveng_rtkit
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.ReflectiveNtdll
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via FiberCheckHooks-n-load
A Windows stager-cum-PELoader focusing Dynamic EDR Evasion, as well as FUD till now (24/02/23), when Operator wants to Know the the Underlying functions Hooks and then craft Implant based on the previous condition.AMSI-patches-learned-till-now
I have documented all of the AMSI patches that I learned till nowC2_Server
C2 server to connect to a victim machine via reverse shellDareDevil
Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10reveng_loader
C# loader capable of running stage-1 from remote url, file path as well as file shareETW_patches_from_userMode_learned_till_now
ETW patches from userMode learned till nowGDB-Cheat-Sheet
VulnCon-WorkShop-Slides
VulnCon WorkShop - Maldev Workshop : Offensive TradeCraft - Syscalls to Stack SpoofingRemoveFalsePositives
Just a small python script which spits out unsigned char representation for Hooked Underlying Ntapis (Which are False Positives) , for c/cpp UsageTryHackMe
THM WalkthroughsHTB
SSH_Bruter
Bruteforces ssh creds.Simple_Port_Scanner
Scans Single port as well as Multiple PortsC-for-Everyone-Programming-Fundamentals
All the topics and concepts of C programming that I have learned so far. The things covered in this repo are all beginner-friendly.reveng007
reveng007.github.io
Love Open Source and this site? Check out how you can help us