Alien3407's starred repositories
HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
darkarmour
Windows AV Evasion
DeathSleep
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
FlavorTown
Various ways to execute shellcode
inject-assembly
Inject .NET assemblies into an existing process
ScareCrow-CobaltStrike
Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)
KaynStrike
UDRL for CS
Brute-Ratel-C4-Community-Kit
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)
SandboxDefender
C# code to Sandbox Defender (and most probably other AV/EDRs).
CobaltStrike_BOF_Collections
Useful Cobalt Strike BOFs found or used during engagements
dearg-thread-ipc-stealth
A novel technique to communicate between threads using the standard ETHREAD structure
DarkFinger-C2
Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software
ProcessGhosting
Small POC for process ghosting
UAC-Bypass
Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯
onefile_python
Run python from a single exe
gizligizli
A steganography based shellcode hider to bypass AV
Mischief-Encoder
Shellcode encoder for AV bypass and execution