Riccardo Ancarani's repositories
lolcerts
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
vxlang-page
protector & obfuscator & code virtualizer
riccardoancarani.github.io
:sparkles: Build a beautiful and simple website in literally minutes. Demo at http://deanattali.com/beautiful-jekyll
coffee
A COFF loader made in Rust
HiddenDesktop
HVNC for Cobalt Strike
VMProtect-Source
Source of VMProtect (NOT OFFICIALLY)
DynamicWrapperEx
x64 Registration-Free In-Process COM Automation Server.
titan
Titan: A generic user defined reflective DLL for Cobalt Strike
bof-registry
Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
sneaky_gophish
Hiding GoPhish from the boys in blue
LiquidSnake
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
HTTPS_CSharp_Server
Implementing a Multithreaded HTTP/HTTPS Debugging Proxy Server in C# xref. `https://www.codeproject.com/Articles/93301/Implementing-a-Multithreaded-HTTP-HTTPS-Debugging`
DNSStager
Hide your payload in DNS
OffensivePH
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
Random
Assorted scripts and one off things
sakeInject
Windows PE - TLS (Thread Local Storage) Injector in C/C++
sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
DirSync-Poc
A PoC that uses the DirSync protocol to poll Active Directory for changes
msldap
LDAP library for auditing MS AD