Solomon Sklash's repositories
COM-Hijacking
An example of COM hijacking using a proxy DLL.
DarkLoadLibrary
LoadLibrary for offensive operations
concealed_position
Bring your own print driver privilege escalation tool
CVE-2021-1675
Impacket implementation of CVE-2021-1675
CVE-2021-36934-Serious-Sam
C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAM
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
EDR_Userland_Hook_Checker
Project to check which Nt/Zw functions your local EDR is hooking
FOLIAGE
Experiment on reproducing Obfuscate & Sleep
InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork-and-run execute-assembly module
lazy_importer
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
LittleCorporal
LittleCorporal: A C# Automated Maldoc Generator
MemoryLoader
A .NET binary loader that bypasses AMSI
msvcrt.lib
.lib file for linking against the NT CRT
nt_wrapper
A wrapper library around native Windows system APIs
Obfuscate
Guaranteed compile-time string literal obfuscation header-only library for C++14
OCDEP
OCD v2 and EP Booster guitar pedals in a single 125B enclosure
packer-tutorial
Files for the packer tutorial
rich-header-eraser
This is a simple tool to remove the "Rich" header from binaries (EXE or DLL files) created by M$ development tools.
RunPE
C# Reflective loader for unmanaged binaries.
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
ServiceMove-BOF
New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.
target-msvc-from-docker
Building for MSVC from Docker using Clang/LLVM.