Kara-4search

Company: SF-Express

Location: unknown

Twitter: @Kara4Search

Kara-4search's repositories

AddressOfEntryPoint_Hijack_CSharp

Shellcode injection or execution via AddressOfEntryPoint hijack.

Language: C# | Stargazers: 7 | Issues: 2 | Issues: 0

CreateThreadpoolWait_ShellcodeExecution_CSharp

Shellcode execution via CreateThreadpoolWait with C#.

Language: C# | Stargazers: 7 | Issues: 2 | Issues: 0

PPLcontrol

Controlling Windows PP(L)s

Language: C++ | Stargazers: 3 | Issues: 0 | Issues: 0

ProjectPics

For temp pictures

Stargazers: 3 | Issues: 0 | Issues: 0
Language: Python | Stargazers: 1 | Issues: 0 | Issues: 0

AceLdr

Cobalt Strike UDRL for memory scanner evasion.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

AlternativeShellcodeExec

Alternative Shellcode Execution Via Callbacks

Language: C++ | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

capa

The FLARE team's open-source tool to identify capabilities in executable files.

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

CobaltStrike

CobaltStrike

Stargazers: 0 | Issues: 0 | Issues: 0
Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2022-39197-patch

CVE-2022-39197 Vulnerability Patch.

Language: Java | Stargazers: 0 | Issues: 0 | Issues: 0

DCMB

Dont Call Me Back - Dynamic kernel callback resolver.

Language: C | Stargazers: 0 | Issues: 0 | Issues: 0

DeathSleep

A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

Dirty-Vanity

A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

Stargazers: 0 | Issues: 0 | Issues: 0

Freeze

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

Language: Go | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

goblin

A phishing simulation system for red team versus blue team exercises.

Language: Go | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Windows Driver

Language: C | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Language: C++ | License: GPL-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

KDU

Kernel Driver Utility

Language: C | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

KillDefender

A small POC to make Defender useless by removing its token privileges and lowering the token integrity.

Stargazers: 0 | Issues: 0 | Issues: 0

physmem2profit

Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely.

Language: C# | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

RedGuard

RedGuard is a C2 front flow control tool that can avoid Blue Team, AV, and EDR checks.

Language: Go | License: GPL-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

sgn_p

Shikata ga nai (仕方がない) encoder ported to Go with several improvements.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Shelltropy

A technique of hiding malicious shellcode via Shannon encoding.

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Some_Pentesters_SecurityResearchers_RedTeamers

Some Pentesters, Security Researchers, Red Teamers from whom I learned a lot...

Stargazers: 0 | Issues: 0 | Issues: 0

SourcePoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

Language: Go | Stargazers: 0 | Issues: 0 | Issues: 0

Taskschedule-Persistence-Download-Cradles

Depending on the AV/EPP/EDR, creating a Taskschedule Job with a default cradle is often flagged.

Language: HTML | Stargazers: 0 | Issues: 0 | Issues: 0

vulnerability-write-ups

This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.

Stargazers: 0 | Issues: 0 | Issues: 0
Stargazers: 0 | Issues: 0 | Issues: 0