Try's starred repositories
FindObjects-BOF
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
sleepmask_PatchlessHook
Code snippets to add on top of Cobalt Strike sleep mask to achieve patchless hook on AMSI and ETW
Defender_Exclusions-BOF
A BOF to determine Windows Defender exclusions.
HumanSystemOptimization
Learn healthily to age 150 - An incomplete guide to tuning the human system
RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
Supershell
Supershell C2 remote control platform, which obtains a fully interactive shell over a reverse SSH tunnel
gobfuscate
Obfuscate Go binaries and packages
SKRoot-linuxKernelRoot
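The new-generation SKRoot challenges every root detection method out there. It takes a completely different approach from Magisk, avoids Magisk's weakness of being detected, and perfectly hides root functionality. It never needs to pause SELinux, achieving truly 0% contact with SELinux. Highly universal: works on all kernels, needs no kernel source, patches the kernel directly, and is compatible with direct JNI calls from Android apps. Stable, smooth, no crashes.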
BofAllTheThings
Creating a repository with all public Beacon Object Files (BoFs)
iscsicpl_bypassUAC
UAC bypass for x64 Windows 7 - 11
sleepmask_ekko_cfg
Code snippets to add on top of Cobalt Strike sleepmask kit so that ekko can work in a CFG protected process
go-size-analyzer
A tool for analyzing the size of compiled Go binaries, offering cross-platform support, detailed breakdowns, and multiple output formats.
SharpBlock
A method of bypassing EDR's active projection DLLs by preventing entry point execution
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
CallbackLoader
Callback Function Loader Implemented in Go