Solomon Sklash's repositories
Cookie-Graber-BOF
C or BOF file to extract WebKit master key to decrypt user cookie
Hunt-Weird-ImageLoads
Small tool to play with IOCs caused by Imageload events
titanldr-ng
A newer iteration of TitanLdr with some newer hooks and design. A generic user-defined reflective DLL I built to prove a point to Mudge years ago.
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
blacklotus
An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
BlackLotus2
BlackLotus UEFI Windows Bootkit
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Caro-Kann
Encrypted shellcode Injection to avoid Kernel triggered memory scans
DLHell
Local & remote Windows DLL Proxying
EtwTi-FluctuationMonitor
Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
LdrLibraryEx
A small x64 library to load DLLs into memory.
LdrLockLiberator
For when DLLMain is the only way
linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
LoudSunRun
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
msvc-wine
Scripts for setting up and running MSVC in Wine on Linux
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
perfect-loader
Load a dynamic library from memory by modifying the native Windows loader
Periscope
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)
Proxy-Function-Calls-For-ETwTI
The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
superlooper
An open source programmable looping pedal based off of the BYOC super8 pedal.
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)