Idov31

Ido Veltzman's repositories

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Language:C++GPL-3.02089 36 17

Sandman is a NTP based backdoor for red team engagements in hardened networks.

Language:C#GPL-3.0786 15 2

Shellcode injection technique. Given as C++ header, standalone Rust program or library.

Language:RustGPL-3.0706 18 8

PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.

Language:CGPL-3.0580 11 2

Venom is a library that meant to perform evasive communication using stolen browser socket

Language:C++GPL-3.0379 70

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

Language:PowerShellGPL-3.0265 13 1

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Language:C++GPL-3.0226 80

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg

Language:C++GPL-3.047 40

Simple ransomware written in Rust. Part of the building a rustomware blog post.

Language:YARAGPL-3.033 30

Listing UDP connections with remote address without sniffing.

Language:C++GPL-3.030 6 1

C# API for Nidhogg rootkit

Language:C#GPL-3.017 10

Released presentations of my talks + code that used during these talks

Language:C++GPL-3.013 30

Rust Weaponization for Red Team Engagements.

Language:Rust11 10

This repository contains the POC and the scanner to catch the Shortcut Hotkey Exploitation method.

Language:PythonGPL-3.06 20

Language:TypeScriptGPL-3.02 20