My_Mr_E's repositories
acCOMplice
Tools for discovery and abuse of COM hijacks
AntiDebugging
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
certexp
Certificate Export Utility
Change-Lockscreen
Offensive tool to trigger network authentications as SYSTEM
com-rs
A Rust Crate for Creating and Consuming COM APIs
CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27
diaghub
Loads a custom DLL in system32 via diaghub.
donutCS
dem sharp donuts
endgame
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
kinject
Kernel shellcode injector
lsassy
Extract credentials from lsass remotely
metasploit-execute-assembly
Custom Metasploit post module for executing a .NET assembly from a Meterpreter session
MiscTools
Miscellaneous Tools
ObjectExplorer
Windows Kernel Object Explorer
pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
ProcessInjection
This program is designed to demonstrate various process injection techniques
RecycledGate
Hellsgate + Halosgate/Tartarosgate. Ensures that all system calls go through ntdll.dll
Reg1c1de
Registry permission scanner written in C# for finding potential privesc avenues within the registry
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
Seth
Perform a MitM attack and extract clear text credentials from RDP connections
SK8RAT
C++ implant that interfaces with a SK8PARK server
SysWhispers
AV/EDR evasion via direct system calls.
TheWover.github.io
Blog. Watch the repo to subscribe
UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
UsoDllLoader
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service