Riccardo Ancarani's repositories
LiquidSnake
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
DirSync-Poc
A PoC that uses the DirSync protocol to poll Active Directory for changes
bof-registry
Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
OffensivePH
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
riccardoancarani.github.io
:sparkles: Build a beautiful and simple website in literally minutes. Demo at http://deanattali.com/beautiful-jekyll
DynamicWrapperEx
x64 Registration-Free In-Process COM Automation Server.
sakeInject
Windows PE - TLS (Thread Local Storage) Injector in C/C++
sneaky_gophish
Hiding GoPhish from the boys in blue
coffee
A COFF loader made in Rust
HiddenDesktop
HVNC for Cobalt Strike
HTTPS_CSharp_Server
Implementing a Multithreaded HTTP/HTTPS Debugging Proxy Server in C# xref. `https://www.codeproject.com/Articles/93301/Implementing-a-Multithreaded-HTTP-HTTPS-Debugging`
lolcerts
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
Random
Assorted scripts and one off things
titan
Titan: A generic user defined reflective DLL for Cobalt Strike
VMProtect-Source
Source of VMProtect (NOT OFFICIALLY)
vxlang-page
protector & obfuscator & code virtualizer