Yeah9782's repositories
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AlanFramework
A C2 post-exploitation framework
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
Cobalt-Strike-KitsCustom
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
DojoLoader
Generic PE loader for fast prototyping of evasion techniques
eckmar-darkweb-market
A privacy-focused marketplace for the dark web (also known as the Eckmar's Marketplace Script).
Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Evilginx2-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
evilginx2-TTPs
Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and notes on usage.
GH-Injector-Library
A feature-rich DLL injection library.
Havoc
The Havoc Framework
hypervisor
Hypervisor with EPT hooking support.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
mmLoader
A library for loading DLL modules from memory, bypassing the Windows PE loader (x86/x64)
Modules
Modules used by the Havoc Framework
MutationGate
Use hardware breakpoints to dynamically change the SSN at run time
No-Consolation
A BOF that runs unmanaged PEs inline
NovaLdr
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
obfusheader.h
Obfusheader.h is a portable header file for C++14 compile-time obfuscation.
OdinLdr
Cobaltstrike UDRL with memory evasion
phnt-single-header
Single header version of System Informer's phnt library.
processhacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
Shoggoth
Shoggoth: Asmjit Based Polymorphic Encryptor
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
unicorn_pe
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.