Kathan Patel (KathanP19)


Location: Gujarat, India

Twitter: @KathanP19


Kathan Patel's starred repositories

freegpt-webui

GPT 3.5/4 with a Chat Web UI. No API key required.

Language: Python | License: GPL-3.0 | Stargazers: 5717 | Issues: 56 | Issues: 163

exploitation-course

Offensive Software Exploitation Course

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

BlackLotus

BlackLotus UEFI Windows Bootkit

AppleJuice

Apple BLE proximity pairing message spoofing

Language: Python | License: Apache-2.0 | Stargazers: 1658 | Issues: 21 | Issues: 39

Forensia

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Language: C++ | License: GPL-3.0 | Stargazers: 723 | Issues: 15 | Issues: 3

DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Language: C | Stargazers: 598 | Issues: 10 | Issues: 0

xurlfind3r

A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.

Language: Go | License: MIT | Stargazers: 538 | Issues: 9 | Issues: 20

PenetrationTesting_Notes-

My Notes about Penetration Testing

KQL

Threat Hunting queries in Microsoft 365 Defender, XDR. Provides out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

autobloody

Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound

Language: Python | License: MIT | Stargazers: 394 | Issues: 5 | Issues: 3

mhydeath

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.

NTDLLReflection

Bypass Userland EDR hooks by loading a reflective Ntdll in memory from a remote server based on the Windows ReleaseID, to avoid opening a handle to ntdll, and trigger exported APIs from the export table.

Language: C++ | License: MIT | Stargazers: 286 | Issues: 4 | Issues: 2

CRTP-Notes

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

RecycledInjector

Native Syscalls Shellcode Injector

Language: C | Stargazers: 259 | Issues: 2 | Issues: 0

D1rkInject

Another approach to Threadless injection discovered by @_EthicalChaos_, in C, that loads a module into the target process, stomps it, and reverts memory protections and the original memory state.

Language: C++ | License: MIT | Stargazers: 167 | Issues: 2 | Issues: 0

DocPlz

Documents Exfiltration project for fun and educational purposes

Language: C++ | License: MIT | Stargazers: 145 | Issues: 4 | Issues: 1

combine_harvester

Rust in-memory dumper

Language: Rust | License: AGPL-3.0 | Stargazers: 105 | Issues: 4 | Issues: 2

ModuleShifting

Stealthier variation of the Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes.

Language: Python | License: Apache-2.0 | Stargazers: 105 | Issues: 2 | Issues: 1

xsubfind3r

A command-line interface (CLI) based passive subdomain discovery utility. It is designed to efficiently identify known subdomains of given domains by tapping into a multitude of curated online passive sources.

Language: Go | License: MIT | Stargazers: 104 | Issues: 4 | Issues: 1

HtmlSmuggling

HTML smuggling is a malicious technique used by attackers to hide malware payloads in an encoded script inside a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens or clicks the HTML attachment or link. The technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive: it can bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF.

Language: Python | License: NOASSERTION | Stargazers: 99 | Issues: 3 | Issues: 0

BODMAS

Code for our DLS'21 paper - BODMAS: An Open Dataset for Learning based Temporal Analysis of PE Malware. BODMAS is short for Blue Hexagon Open Dataset for Malware AnalysiS.

Language: Python | License: BSD-2-Clause | Stargazers: 70 | Issues: 4 | Issues: 5

Language: JavaScript | License: GPL-3.0 | Stargazers: 68 | Issues: 2 | Issues: 2

VT-stealer

VirusTotal Stealer is a DATA Exfiltration tool that exfiltrates office documents and tunnels them over the VirusTotal API to the Team Server.

Language: C++ | License: MIT | Stargazers: 60 | Issues: 2 | Issues: 1

injection-for-dummies

A collection of PoCs for different injection techniques on Windows!

Language: C | Stargazers: 39 | Issues: 2 | Issues: 0

PowerJoker

PowerJoker is a Dynamic PowerShell Reverse-Shell Generator; unique payloads with different results on each execution.

Language: Python | License: MIT | Stargazers: 30 | Issues: 3 | Issues: 0

pdf-smuggler

Create PDFs with HTML smuggling attachments that save on opening the document.

b4blood

Finds the Domain Controller on a network, enumerates users, performs AS-REP Roasting and hash cracking, bruteforces passwords, dumps AD users via DRSUAPI, scans SMB/NFS shares for passwords, scans for remote access services, and dumps NTDS.dit.

Windows-Event-Logs-With-Event-IDs

A running list of Windows event sources and their related event IDs.