V1rtu0l's repositories
aes_dust
Unlicensed tiny/small portable implementation of 128/256-bit AES encryption in C and in x86, AMD64, ARM32 and ARM64 assembly
AVKiller
A method of forcibly terminating certain antivirus processes via process injection (using 360 Safeguard (360安全卫士) and 360 Antivirus (360杀毒) as examples)
awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
C2-Tool-Collection
A collection of tools that integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
detection-rules
Rules for Elastic Security's detection engine
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to their server.
FakePort
Virtually open ports (make ports appear open)
FakeToa
TCP/IP spoofing; Ubuntu 22.04 is recommended
fileSearcher
A simple BOF (Beacon Object File) to search files in the system
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
IDAPluginList
A collection of IDA plugins, listing each project's name and repository URL; the projects are cloned automatically on a daily schedule.
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some of the important features of Rubeus).
KernelSU
A kernel-based root solution for Android
LdrLibraryEx
A small x64 library to load DLLs into memory.
llvm-yx-callobfuscator
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
maldev
Golang library for malware development
No-Consolation
A BOF that runs unmanaged PEs inline
pendulum
Linux Sleep Obfuscation
PoolPartyBof
A Beacon Object File implementation of the PoolParty process injection technique.
pupy
Pupy is an open-source, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in Python and C
ReadPhys
Read/write virtual memory without attaching to the target process
RealBlindingEDR
Remove AV/EDR kernel callbacks: ObRegisterCallbacks, CmRegisterCallback, MiniFilter callbacks, PsSetCreateProcessNotifyRoutine callbacks, PsSetCreateThreadNotifyRoutine callbacks, PsSetLoadImageNotifyRoutine callbacks, ...
RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload in a remote process without spawning any threads
VMAware
VM detection library (beta)
vxlang-page
Protector, obfuscator and code virtualizer
WhoamiAlternatives
Different methods to get the current username without using whoami