Yeah9782's repositories
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AlanFramework
A C2 post-exploitation framework
Amsi-Killer
Lifetime AMSI bypass
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
BounceBack
↕️🤫 Stealth redirector for your red team operation security
Cobalt-Strike-KitsCustom
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
GH-Injector-Library
A feature-rich DLL injection library.
grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
Havoc
The Havoc Framework
hypervisor
Hypervisor with EPT hooking support.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
infosec-resources
A list of helpful cybersecurity / infosec resources
KsDumper-11
A revival of the classic and legendary KsDumper
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
MemoryModulePP
MemoryModule which is compatible with the Win32 API and supports exception handling
mmLoader
A library for loading a DLL module from memory, bypassing the Windows PE loader (x86/x64)
Modules
Modules used by the Havoc Framework
MutationGate
Uses a hardware breakpoint to dynamically change the SSN at run time
No-Consolation
A BOF that runs unmanaged PEs inline
obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
obfusheader.h
Obfusheader.h is a portable header file for C++14 compile-time obfuscation.
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
Shoggoth
Shoggoth: Asmjit Based Polymorphic Encryptor
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
unicorn_pe
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.