S12cybersecurity's repositories
WinDefenderKiller
Windows Defender Killer | C++ code that permanently disables Windows Defender using registry keys
RDPCredentialStealer
RDPCredentialStealer is malware that steals credentials provided by users in RDP using API hooking with Detours in C++
NinjaInjector
Classic Process Injection with Memory Evasion Techniques implementation
S12URootkit
User Mode Windows Rootkit
ShadowByte-Botnet
Complete Botnet Infrastructure with Malicious C&C Server and Malware Agents to infect Windows OS
PrivilegeEscalationClass
C++ Privilege Escalation Class to execute Process As Admin from User and Process as NT AUTHORITY SYSTEM from Admin
RansomwareS12
Simple Ransomware to attack Windows 🌟
ExplorerUACStealer
ExplorerUACStealer is malware that steals credentials provided by users in UAC Auth in explorer using API hooking with Detours in C++
PDFTypeSpoofing
PDF Icon File Type Spoofer
FileExtractor
C++ Code to Extract Windows File and Receive in Linux Machine
KeyloggerS12
C++ keylogger to save all the keys pressed into a local txt file
MySQL-DataStealer
Post-Exploitation Tool to Steal MySQL Data and, with persistence, extract all data from a MySQL table every time that Windows is opened, with a Server to receive the extracted Files
ThreatHijacking
Threat Hijacking Simple Implementation
AntiDebugging
Anti Debugging C++ Class
Reflective-DLL
Reflective DLL Injection Implementation
RemoteFunctionPatcher
Patch (block) whatever function you want in a remote process. By adding a ret instruction at the first memory address of this function, the target function exits automatically every time it is called by this process
VirtualAlloc-Implementation
My own VirtualAlloc implementation to use as an alternative, unknown to all the defense solutions, to the VirtualAlloc Win32 API function
IATHooking
Import Address Table Hooking Implementation
IPCObjects
C++ Code to perform IPC (Inter Process Connection) to share C++ Objects/Structures with other processes
MapFreeMemoryHandles
Find all types of free handles in Windows memory
SandBox-Bypass
C++ Code to Bypass Sandbox and VM via RAM and Core victim info
FreeLoaderInjector
Typical Process Injection using Opened Handle Process, RWX Memory Space
FreeThreadHijacking
Perform Thread Hijacking Shellcode Injection without OpenProcess and OpenThread, by mapping all the free handles in memory