RATandC2-Features's repositories
LdrLibraryEx
A small x64 library to load DLLs into memory.
LoudSunRun
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
SharpVeeamDecryptor
Decrypt Veeam database passwords
SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts
curve25519
[key exchange] C# .NET Port of the Curve25519 Diffie-Hellman function
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
ReflectiveLdr
Position-independent Windows DLL loader based on ReflectiveDLL project.
COFF-Loader
A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
curve25519_2
Highly efficient implementation of elliptic curve 25519
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
graftcp
A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
HttpInterface
[Communication] A C++ HTTP wrapper library for Windows, with three implementation modes (WinInet, WinHttp, socket)
Inline-Execute-PE
Execute unmanaged Windows executables in CobaltStrike Beacons
Keyloger-KeyStriker
A Linux keylogger
Little-CRT
Remove C runtime dependencies
maldev
⚠️ malware development
Melon
A generic cross-platform asynchronous high-performance C framework, including a lot of components and a new coroutine script language Melang.
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
No-Consolation
A BOF that runs unmanaged PEs inline
Packer
Packer is a compact, fast and cross-platform serialization library for storing data in a buffer
psinline
In-process PowerShell runner for BRC4
RDPCredentialStealer
RDPCredentialStealer is malware that steals credentials provided by users in RDP using API hooking with Detours in C++
Shaco
[Implant] Shaco is a Linux agent for Havoc
socks5
Basic Reverse SOCKS5 proxy client with simple GUI
yuze
A SOCKSv5 proxy tool written in C. A lightweight intranet tunneling tool implemented in pure C and based on the SOCKS5 protocol, supporting all of ew's data forwarding modes