• Stars: 1
• Created over 2 years ago
• Updated 2 months ago

More Repositories

1. DarkWidow (C, 532 stars)
   Indirect dynamic syscalls; SSN and syscall-address sorting via a modified TartarusGate approach; remote process injection via APC Early Bird; spawns a sacrificial process as the target and applies the ACG + BlockDll mitigation policy to it; PPID spoofing; API resolving from the TIB; API hashing.

2. SharpGmailC2 (C#, 256 stars)
   Gmail acts as the server: the implant exfiltrates data over SMTP and reads commands from the C2 (Gmail) over IMAP.

3. Learning-EDR-and-EDR_Evasion (C++, 254 stars)
   I will be uploading all the code I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.

4. reveng_rtkit (C, 231 stars)
   Linux Loadable Kernel Module (LKM) based rootkit (ring 0), capable of hiding itself and processes/implants, rmmod-proof, and able to bypass the rkhunter anti-rootkit scanner.

5. ReflectiveNtdll (C, 163 stars)
   A dropper POC focused on aiding EDR evasion: NTDLL unhooking followed by loading an in-memory copy of ntdll that is embedded as shellcode (converted with pe2shc by @hasherezade). Payload encryption via the undocumented SystemFunction033 API, and no new thread (execution via a fiber).

6. CheckHooks-n-load (C++, 97 stars)
   A Windows stager-cum-PE loader focused on dynamic EDR evasion, FUD as of 24/02/23: the operator first learns which underlying functions are hooked and then crafts the implant based on that result.

7. AMSI-patches-learned-till-now (C++, 66 stars)
   I have documented all of the AMSI patches that I have learned so far.

8. C2_Server (Python, 49 stars)
   C2 server that connects to a victim machine via a reverse shell.

9. DareDevil (C#, 37 stars)
   Stealthy loader-cum-dropper/stage-1/stager targeting Windows 10.

10. reveng_loader (C#, 14 stars)
    C# loader capable of running stage-1 from a remote URL, a file path, or a file share.

11. ETW_patches_from_userMode_learned_till_now (C++, 9 stars)
    User-mode ETW patches learned so far.

12. Executable_Files (PowerShell, 9 stars)
    Collection of custom-made and publicly available stage-2 payloads (beacons or stageless payloads), used by loaders/stage-1/stagers or for further use by the C2.

13. GDB-Cheat-Sheet (8 stars)

14. VulnCon-WorkShop-Slides (5 stars)
    VulnCon Workshop - Maldev Workshop: Offensive TradeCraft - Syscalls to Stack Spoofing

15. RemoveFalsePositives (Python, 2 stars)
    A small Python script that prints the unsigned char representation of hooked underlying Nt APIs (which are false positives), for use in C/C++.

16. TryHackMe (PowerShell, 2 stars)
    THM walkthroughs.

17. HTB (Shell, 1 star)

18. SSH_Bruter (Python, 1 star)
    Brute-forces SSH credentials.

19. Simple_Port_Scanner (Python, 1 star)
    Scans a single port as well as multiple ports.

20. C-for-Everyone-Programming-Fundamentals (C, 1 star)
    All the topics and concepts of C programming that I have learned so far. The things covered in this repo are all beginner-friendly.

21. reveng007 (1 star)