Kara-4search's repositories
ProjectPics
For temp pictures
ContainYourself
A POC of the ContainYourself research presented at DEF CON 31, which abuses the Windows containers framework to bypass EDRs.
WinDefenderKiller
Windows Defender Killer | C++ Code Permanently Disabling Windows Defender using Registry Keys
CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
HiddenDesktop
HVNC for Cobalt Strike
LdrLibraryEx
A small x64 library to load DLLs into memory.
Terminator
Reproducing the Spyboy technique to terminate all EDR/XDR/AV processes
acheron
Indirect syscalls for AV/EDR evasion in Go assembly
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Amsi-Killer
Lifetime AMSI bypass
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
clash_for_windows_pkg
A Windows/macOS GUI based on Clash
CVE-2023-36168
An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
gpt4free
Decentralising the AI industry, just some language model APIs...
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
LdrLockLiberator
For when DLLMain is the only way
maldev
Golang library for malware development and red teamers
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
proc-macro-workshop
Learn to write Rust procedural macros [Rust Latam conference, Montevideo Uruguay, March 2019]
quivr
🧠 Dump all your files and chat with it using your Generative AI Second Brain using LLMs ( GPT 3.5/4, Private, Anthropic, VertexAI ) & Embeddings 🧠
ShellWasp
ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2.0 includes novel ways to invoke the syscall in WoW64.
SignatureGate
Weaponized HellsGate/SigFlip