Octo Leap's repositories
php-webshells
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
Pega-Sauce
Collection of Public information and reports regarding Pegasus spyware by NSO
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Stealers-n-Panels
Collection of some info stealers samples (some with code) and panels.
android_kernel_samsung_universal9810
RZ Kernel tree for Exynos 9810 platform, based on ELS kernel with force pushes everyday
elegant-bouncer
ELEGANTBOUNCER is a detection tool for file-based mobile exploits.
Fuzzing-Survey
The Art, Science, and Engineering of Fuzzing: A Survey
injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
misp-playbooks
MISP Playbooks
trackerslist
Updated list of public BitTorrent trackers
ExecuteAssembly
Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
SECOMN_EoP
Sound Research SECOMN service Privilege Escalation (windows 10)
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
WinAltSyscallHandler
Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
x64dbg-ASLR-Removal
Plugin to patch and remove ASLR from the debugged file