NULL's starred repositories
MalSeclogon
A little tool to play with the Seclogon service
go-secdump
Tool to remotely dump secrets from the Windows registry
Harden-Windows-Security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
Thread-Pool-Injection-PoC
Proof of concept code for thread pool based process injection in Windows.
x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
64bit Windows 10 shellcode dat pops dat calc - Dynamic & Null Free
llvm-yx-callobfuscator
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
APT_REPORT
Interesting APT Report Collection And Some Special IOC
StackBombing
Next gen process injection technique
Win-Exploit-Inject
PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts
DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
GuidedHacking-Injector
The BEST DLL Injector Library.
NativeLeakDetector
Win32 memory leak detector with ETW
Malwear-Sweet
Malware?
CallBackDump
Tool for dumping the lsass process