F11st's repositories
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
bof-launcher
Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
BOF.NET
A .NET Runtime for Cobalt Strike's Beacon Object Files
cheat-engine
Cheat Engine. A development environment focused on modding
CoercedPotatoRDLL
Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
DDOS-RootSec
DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
DirtyCLR
An App Domain Manager Injection DLL PoC on steroids
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
eBPFeXPLOIT
Exploit tool implemented using eBPF.
elevationstation
elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative
GoLangUnhooker
EDR bypass demo
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
LdrLockLiberator
For when DLLMain is the only way
mortar
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
NovaLdr
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
obfuscator
Native code PE bin2bin obfuscator
OpenArk
The Next Generation of Anti-Rootkit (ARK) tool for Windows.
poc-proxycommand-vulnerable
Proof of concept to exploit vulnerable proxycommand configurations on ssh clients
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
SharpReflectivePEInjection
reflectively load and execute PEs locally and remotely bypassing EDR hooks
ShellcodeTemplate
An easily modifiable shellcode template for Windows x64/x86
SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
superman
🤖 Kill The Protected Process 🤖
UAC-Bypass-FUD
The UAC Bypass program is designed to run files with elevated privileges on Windows without requesting user permission or displaying the UAC screen. It provides a way to bypass User Account Control (UAC) restrictions for specific tasks.
visualstudio-suo-exploit
This repository is a tool to create a .suo that, when run by Visual Studio, will achieve code execution
xeno-rat
Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!