1rm's repositories
2022-HW-POC
Collected POCs from the 2022 HW (护网, "Hùwǎng") exercise
CallBackDump
A tool for dumping the lsass process that gets past antivirus products such as Kaspersky, Core Crystal (核晶), and Defender
DumpThatLSASS
Dumping LSASS by unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus function and string obfuscation. It contains anti-sandbox checks; if you run it under an unperformant virtual machine you need to uncomment the code related to it and recompile.
GoBypassAV
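A collection of Go-based AV-evasion techniques, including tests of 16 APIs, tests of 8 encryption methods, anti-sandbox tests, compile-time obfuscation, packing, and resource modification, together with a compilation of related materials and tools.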
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. A browser data export and decryption tool that runs on all platforms.
HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
MasqueradingPEB
Masquerade any legitimate Windows binary by changing some fields in the PEB structure
schtask-bypass
AV-evading scheduled tasks for persistence; gets past mainstream antivirus products. A schtask tool that bypasses anti-virus
wechat-export
Obtains the WeChat chat-history database key and exports the chat history; works across all versions.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks (callback functions)
AtomPePacker
A highly capable PE packer
Awesome-Profile-README-templates
A collection of awesome readme templates to display on your profile
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
ClipboardWindow-Inject
CLIPBRDWNDCLASS process injection technique (BOF) - execute beacon shellcode in callback
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
cobaltstrike4.5_cdf
Cracked Cobalt Strike 4.5: removes the checksum8 signature, bypasses BeaconEye, fixes the stage leak via incorrect paths, adds TOTP two-factor authentication, and more
CobaltStrike_OpenBeacon
Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.
Creeper-Awww-man
Creeper? Awww man!
csplugin
CS plugins I made myself
Doge-Gabh
GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisper/RefleXXion golang implementation
EXOCET-AV-Evasion
EXOCET - AV-evading, undetectable, payload delivery tool
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Pokemon-Shellcode-Loader
Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you.
robotgo
RobotGo, Go Native cross-platform GUI automation @vcaesar
Xray_Cracked
Update Xray 1.9.4 Cracked for Windows, Linux and Mac OS.
yaegi
Yaegi is Another Elegant Go Interpreter