NyaMeeEain's repositories
frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
AccessToken-Impersonation
Access Token Manipulation to elevate to system from local admin
Bypass_UAC
Bypass UAC Using fodhelper.exe
Custom_Tooling
I created custom programs/binaries for my engagements. Most of these were created during my engagement period. Now I share a few for educational purposes.
EmailScraper
Email OSINT Phishing
QueueUserAPC
QueueUserAPC Process Injection with XOR Decrypt & Encrypt.
CS-AutoPostChain
OPSEC-based CobaltStrike post-exploitation automation chain
CVE-2023-24055_PoC
CVE-2023-24055 PoC (KeePass 2.5x)
dropper
Project that generates a malicious Office macro-enabled dropper for DLL sideloading and embeds it in an LNK file to bypass MOTW
evilgophish
evilginx3 + gophish
FilelessPELoader
Loads a remote AES-encrypted PE in memory, decrypts it and runs it
Fuck-Etw
Bypass Event Tracing for Windows (ETW) and unhook ntdll.
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
maldev
⚠️ malware development
nanodump
The swiss army knife of LSASS dumping
OSEP-Breaking-Chains
A collection of code snippets built to assist with breaking chains.
PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
portswigger-websecurity-academy
Writeups for PortSwigger WebSecurity Academy
Reflective_PE_Loader
Program to load a PE inside memory on another process.
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
SuperSharpShooter
Payload Generation Framework
wolfy
Wolfy AV Bypasser
wstunnel
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available