kevin worst's repositories
SCOMDecrypt
SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers
DotNetHooking
Sample use cases of the .NET native code hooking technique
RottenPotatoNG
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
Hooking-via-InstrumentationCallback
codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
Firefox-Security-Toolkit
A tool that transforms Firefox browsers into a penetration testing suite
ThreadJect
Manual DLL Injector using Thread Hijacking.
PSHinjector
PSHinjector autoscript is a tool that inject shellcode(x64 payload) by powershell with python3 programing
Digital-Signature-Hijack
Binaries, PowerShell scripts and information about Digital Signature Hijacking.
c-sharp-memory-injection
A set of scripts that demonstrate how to perform memory injection in C#
luckystrike
A PowerShell based utility for the creation of malicious Office macro documents.
StupidKeylogger
A Terrific Keystroke Recorder (keylogger-key-logger-spyware-spy-trojan-simple-virus-for-windows-10-7-xp-smart-c-c++-cpp-code)
EmbedInHTML
Embed and hide any file in an HTML file
HandleMaster
Changes handle's access rights using DKOM with a vulnerable driver
gargoyle
A memory scanning evasion technique
WMIOps
This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.
DoubleAgent
Zero-Day Code Injection and Persistence Technique
prefetch
This repository contains several tools to perform Prefetch Side-Channel Attacks
Shortcut-Downloader
Shortcut Downloader
Ruxcon2016ETW
Ruxcon2016 POC Code
NetshHelperBeacon
Example DLL to load from Windows NetShell
exe2powershell
exe2powershell - exe2bat reborn for modern Windows
ProcessHider
Post-exploitation tool for hiding processes from monitoring applications
cobalt-strike-persistence
cobalt strike 自启动脚本
MessageBox
PoC dlls for Task Scheduler COM Hijacking
house-party-protocol
an ultimate evidence wiper
DLLHijackAuditKit
This toolkit detects applications vulnerable to DLL hijacking (released in 2010)
ExploitDotNetDCOM
A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.