Kara-4search

Kara-4search's starred repositories

quivr

Your GenAI Second Brain 🧠 A personal productivity assistant (RAG) ⚡️🤖 Chat with your docs (PDF, CSV, ...) & apps using Langchain, GPT 3.5 / 4 turbo, Private, Anthropic, VertexAI, Ollama, LLMs, that you can share with users ! Local & Private alternative to OpenAI GPTs & ChatGPT powered by retrieval-augmented generation.

Language:TypeScriptApache-2.027752 238 1043

lsassy

Extract credentials from lsass remotely

Language:PythonMIT1866 51 34

vmprotect-3.5.1

Language:C++1842 36 4

GodPotato

Language:C#Apache-2.01738 10 12

HiddenDesktop

HVNC for Cobalt Strike

Language:CMIT1146 15 4

SigFlip

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

Language:C#MIT1056 21 11

Artfuscator

A C compiler targeting an artistically pleasing nightmare for reverse engineers

Language:CMIT996 11 2

SharpRDP

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

Language:C#BSD-3-Clause980 33 12

PoolParty

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

Language:C++BSD-3-Clause915 14 3

Terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

Language:C++905 18 10

CheckPlease

Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.

Language:GoGPL-3.0895 30 1

RunPE-In-Memory

Run a Exe File (PE Module) in memory (like an Application Loader)

Language:C++GPL-3.0839 24 13

KillDefender

A small POC to make defender useless by removing its token privileges and lowering the token integrity

Language:C++663 12 3

WinDefenderKiller

Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys

Language:C++406 5 1

LdrLockLiberator

For when DLLMain is the only way

Language:CMIT343 11 3

sharem

SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.

Language:PythonGPL-3.0334 11 7

Caro-Kann

Encrypted shellcode Injection to avoid Kernel triggered memory scans

Language:C332 5 4

ContainYourself

A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.

Language:C++301 2 1

BannerlordCoop

Language:C#MIT257 37 609

Jormungandr

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Language:C++GPL-3.0218 60

SignatureGate

Weaponized HellsGate/SigFlip

Language:C#188 5 2

CVE-2023-36745

Language:Python163 4 2

ShellWasp

ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2.0 includes novel ways to invoke the syscall in WoW64.

Language:PythonMIT156 4 3