an0x03e8

followers

following

stars

an0x03e8's starred repositories

comprehensive-rust

This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.

Language:RustApache-2.027519 139 283

winsw

A wrapper executable that can run any executable as a Windows service, in a permissive license.

Language:C#MIT11970 239 541

min-sized-rust

🦀 How to minimize Rust binary size 📦

Language:RustMIT8012 106 36

collisions

Hash collisions and exploitations

Language:Python3040 45 12

hidden

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Language:C1763 68 53

RunPE-In-Memory

Run a Exe File (PE Module) in memory (like an Application Loader)

Language:C++GPL-3.0831 24 13

windows-api-function-cheatsheets

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Language:PowerShellGPL-3.0664 16 7

sccmhunter

Language:PythonMIT633 2 26

Inline-Execute-PE

Execute unmanaged Windows executables in CobaltStrike Beacons

Language:CApache-2.0629 16 3

Red-team-Interview-Questions

Red team Interview Questions

CallStack-Spoofer

This tool will allow you to spoof the return addresses of your functions as well as system functions.

Language:C++Apache-2.0402 10 1

ThreadlessInject-BOF

BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.

Language:CMIT363 5 2

WSuspicious

WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations

Language:C#MIT339 24 7

PatchlessCLRLoader

.NET assembly loader with patchless AMSI and ETW bypass

Language:C268 6 1

ZeroHVCI

Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers.

Language:C151 30

Maestro

Language:C#GPL-3.0147 20

ShimMe

Language:C++12100

ASRepCatcher

Make everyone in your VLAN ASRep roastable

Language:PythonGPL-3.0114 20

BOFRyptor

Language:Assembly113 50

ModuleStomping

https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/

Language:C++112 6 3

koppeling-p

Adaptive DLL hijacking / dynamic export forwarding - EAT preserve

Language:PythonGPL-3.072 10

VectoredExceptionHandling

Language:C6900

rust-reversing-workshop-recon-2024

Language:Rust6500

PsInPic

A powershell module for hiding payloads in the pixels of images

Language:PowerShell59 20

bypassing-av-detection

Bypassing antivirus detection: old-school malware, new tricks

Language:C++MIT47 2 2

insomnia

a stage1 DLL loader with sleep obfuscation

Language:CGPL-3.032 10

bof-registry

Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry

Language:C2500

malicious-service

Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions

Language:C13 30

sabozero

Staged Rust DLL EarlyBird Loader

Language:Rust300