Beast code in Giters

Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)

MIT000

impacket-static-binaries

Impacket static binaries, because you never know when you'll need them.

Language:Python010

inteloops

Exploits Intel's signed iqvw64e.sys driver to allow manual mapping and read/writing of memory at a kernel level.

Language:C++NOASSERTION000

Jlaive-1

Antivirus evasion tool (crypter) that converts executables into undetectable batch files.

Language:C#GPL-3.0000

KrbRelayUp

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Language:C#000

offensive_c

Language:C000

OneBootloaderToLoadThemAll

One Bootloader to Load Them All - Research materials, Code , Etc.

Language:CGPL-3.0000

OSED-Notes

Some notes + exercises that I've done during my study for the Offensive Security Exploit Developer.

Language:Python000

osed-scripts

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Language:PythonMIT000

PatchlessInlineExecute-Assembly

Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.

Language:C000

PE-Obfuscator

PE obfuscator with Evasion in mind

Language:C000

PINKPANTHER

Windows x64 handcrafted token stealing kernel-mode shellcode

Language:AssemblyGPL-3.0000

process-cloning

The Definitive Guide To Process Cloning on Windows

Language:CMIT000

vs-shellcode

Shellcode template for visual studio

000

WTSRM2

Language:C++000