NyxKazuya

Mindmap

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

CVE-2024-3495-Poc

CVE-2024-3495 Country State City Dropdown CF7 <= 2.7.2 - Unauthenticated SQL Injection

RWX_MEMEORY_HUNT_AND_INJECTION_DV

Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.

needle-in-a-needlestack

EDR-Test

Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].

c2-cloud

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.

Learning-EDR-and-EDR_Evasion

I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning path for me.

NiceRAT

NiceRAT - is an easy-to-use, Python-based RAT & Stealer, which send info to your webhook. You can recover passwords, aplication data, discord info and much more.

CrimsonEDR

Simulate the behavior of AV/EDR for malware development training.

Android-14-Remove-APK-Protection

This Patch make Android 14 allow install modded system apk

DelegationBOF

pandora

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

Augustus

Evasive Golang Loader

C2_RedTeam_CheatSheets

Useful C2 techniques and cheatsheets learned from engagements

KaynStrike

UDRL for CS

XiebroC2

Supports multi-person collaborative penetration testing graphical framework, Lua plug-in extension, domain front-end/CDN online, custom multiple modules, custom sRDI, file management, process management, memory loading, screenshot, Socks5

Xiebro-Plugins

xiebroC2 plugin

DNS-Tunnel-Keylogger

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.

HTMLSmuggler

✉️ HTML Smuggling generator&obfuscator for your Red Team operations

xortostealer

🌟[NEW] Log by Telegram+Clipper ✅ [0/70] FUD Stealer can bypass all antivirus (Our Grabber can grabs: Wallets, Passwords, Credit Card, Cookies, Autofills, All Discord Token and info, Telegram, Twitter, TikTok, Twitch, Spotify, Riot Games, Roblox, Steam, Wallet Injection and Backup code ( 2fa/a2f ). 🔑 ⚠Disclaimer: We're not liable for caused damage

BounceBack

↕️🤫 Stealth redirector for your red team operation security

DarkWidow

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing

RansomwareSim

RansomwareSim is a simulated ransomware

xeno-rat

Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!

CameraHackingBot

Track Down people by just using a link.

GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

SmsCommandBot

TJprojMain-explorer.exe-remover

This simple batch script will get rid of the annoying TJprojMain malware, which infects all your exe files to spread

ExecIT

Execute shellcode files with rundll32

GraphStrike

Cobalt Strike HTTPS beaconing over Microsoft Graph API