Ap3x - Giters

Ap3x's starred repositories

MagicDot

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue

Language:PythonBSD-3-Clause8300

ospy

Automatically exported from code.google.com/p/ospy

Language:C#9700

Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Language:PowerShellMIT248600

toolkit

The essential toolkit for reversing, malware analysis, and cracking

Language:Inno SetupNOASSERTION61100

obfus.h

Macro-header for compile-time C obfuscation (tcc, win x86/x64)

Language:CMIT52600

Exploits

Repo with different exploits & PoCs

Language:C5500

interceptor

Sample Rust Hooking Engine

Language:Rust3200

flower

a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor

Language:C9200

reverst

Reverse Tunnels in Go over HTTP/3 and QUIC

Language:GoApache-2.089500

lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

Language:C++MIT26400

ILMerge

ILMerge is a static linker for .NET Assemblies.

Language:C#MIT121900

LetMeowIn

A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.

Language:C++33700

Erebus

Erebus is a payload generator written in Nim.

Language:Nim1000

distormx

The ultimate hooking library

Language:CNOASSERTION25000

PolyHook_2_0

C++20, x86/x64 Hooking Libary v2.0

Language:C++MIT154700

HandleKatz

PIC lsass dumper using cloned handles

Language:C56800

Shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

Language:C++62000

FindWDK

CMake module for building drivers with Windows Development Kit (WDK)

Language:CMakeBSD-3-Clause23900

hiding-your-syscalls

Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.

Language:C21100

WFPCalloutReserach

research revolving the windows filtering platform callout mechanism

Language:C++1600

IoRingReadWritePrimitive

Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2

Language:C++MIT21600

PPLRunner

Run Processes as PPL with ELAM

Language:C13500

TiEtwAgent

PoC memory injection detection agent based on ETW, for offensive and defensive research purposes

Language:C24400

SealighterTI

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider

Language:C15400

Beacon_Source

not a reverse-engineered version of the Cobalt Strike Beacon

Language:C23300

NativeDump

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)

Language:C#30100

nimfilt

A collection of modules and scripts to help with analyzing Nim binaries

Language:PythonBSD-2-Clause5400

lycanthropy

Java DNS Post Exploitation Tool

Language:PythonBSD-3-Clause1000

DynoHook

The x86/x64 API Hooking Library for Windows/Linux which can easily embed it into other programming languages.

Language:C++MIT2500

awesome-game-security

awesome game security [Welcome to PR]

Language:PythonMIT237200