1nd0

followers

following

stars

Michael Hoffman's starred repositories

SharpGhostTask

A C# port from Invoke-GhostTask

Language:C#10700

DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

Language:ShellGPL-3.078400

WSPCoerce

PoC to coerce authentication from Windows hosts using MS-WSP

Language:C#21500

ropci

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

Language:GoMIT9000

CreateHiddenAccount

A tool for creating hidden accounts using the registry || 一个使用注册表创建隐藏帐户的工具

Language:GoApache-2.041200

NetshHelperBeacon

Example DLL to load from Windows NetShell

Language:C++17300

winfilter

Winlogon and LSA Notification Password Filters

Language:Python1600

PPLmedic

Dump the memory of any PPL with a Userland exploit chain

Language:C++32000

javascript-obfuscator

Custom version

Language:TypeScriptBSD-2-Clause200

evilgophish

evilginx3 + gophish

Language:GoMIT154800

evilgophish

evilginx2 + GoPhish. Forked from https://github.com/fin3ss3g0d/evilgophish

Language:GoGPL-3.0400

ssh-honeypot

Fake sshd that logs ip addresses, usernames, and passwords.

Language:CMIT60600

universal

Universal Shared Library User-space Loader

Language:GoGPL-3.021000

Shellcode_Memory_Loader

基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)

Language:Go25200

RetroDECK

RetroDECK brings you an all-in-one sandboxed application to play your retro games (and even not-so-retro games) on Linux/SteamOS.

Language:ShellGPL-3.072900

wssocks

socks5 over websocket

Language:GoMIT14700

wsp

HTTP tunnel over Websocket

Language:Go3800

BITB

Browser In The Browser (BITB) Templates

Language:JavaScript274900

ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Language:C++GPL-2.04067100

large-file-upload

Nodejs large file segment upload, resumable upload. Nodejs大文件分片上传、断点续传

Language:Vue9400

AlternativeShellcodeExec

Alternative Shellcode Execution Via Callbacks

Language:C++MIT136300

PEzor

Open-Source Shellcode & PE Packer

Language:CGPL-3.0178400

macos_shell_memory

Execute MachO binaries in memory using CGo

Language:C7900

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Language:GoMIT655400

go-shellcode

Load shellcode into a new process

Language:Go75700

darwinkit

Native Mac APIs for Go. Previously known as MacDriver

Language:GoMIT439800

macho_shellcode_extractor

extracts shellcode from a nasm compile macho binary

Language:Python1600

go-shellcode

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

Language:GoGPL-3.0104000

Noctilucent

Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise

Language:Go66600

leakdb

Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search

Language:GoGPL-3.018200