BlackTrace's repositories
amm-arbitrageur
An arbitrage bot between Uniswap AMMs
optimal-sandwich
we do a little bit of mathematics to make a little bit of money
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
AtomPePacker
A highly capable PE packer
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
cf
A cloud environment exploitation framework, mainly intended to make follow-up work easier for red team members after they obtain an AK.
Chrome-Android-and-Windows-0day-RCE-SBX
Chrome Android and Windows 0day RCE+SBX.. DPRK
CVE-2023-21608
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
exploits-1
'>"><img src=x onerror=alert(1) /><b>asd</b>
geacon_pro
A refactored Cobaltstrike Beacon that supports most Beacon functionality; its behavior evades mainstream Chinese antivirus software, and it supports version 4.1 and above.
grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
Havoc
The Havoc Framework.
jsanalyzer
[WIP] Tool to deobfuscate javascript
jscythe
Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code.
KDU
Kernel Driver Utility
lemon-cleaner
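Tencent Lemon Cleaner is a cleanup tool designed specifically for macOS. Its main features include identification of duplicate files and similar photos, customized junk scanning for applications, visual full-disk space analysis, memory release, browser privacy cleanup, and real-time device status monitoring. It focuses on cleanup, offering customized cleanup plans for hundreds of applications and professional cleanup recommendations to help users complete one-click cleanup easily.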
Milfuscator
x86 PE Mutator
No-Consolation
A BOF that runs unmanaged PEs inline
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
NtSocket_NtClient_NtServer
Using NtCreateFile and NtDeviceIoControlFile to implement Winsock functionality
NVDrv
Abusing nvidia driver (nvaudio.sys) for physical/virtual memory and control register manipulation.
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
sharem
SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
ShellcodeTemplate
An easily modifiable shellcode template for Windows x64/x86
subway
A practical example on how to perform sandwich attacks on Ethereum
whids
Open Source EDR for Windows