bhassani

Location: Stockholm, Sweden

bhassani's repositories

CallbackHell

Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

Language: C++ | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

GoriaNet

🐼 IoT worm written in pure golang.

License: GPL-3.0 | Stargazers: 1 | Issues: 0 | Issues: 0

StopDefender

Stop Windows Defender programmatically

Language: C++ | Stargazers: 1 | Issues: 0 | Issues: 0

2022-01-14-malware-injection-13

Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example

Stargazers: 0 | Issues: 0 | Issues: 0

ADExplorerSnapshot.py

ADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound.

Stargazers: 0 | Issues: 0 | Issues: 0

bloodyAD

BloodyAD is an Active Directory Privilege Escalation Framework

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2021-44228-Apache-Log4j-Rce

Apache Log4j remote code execution

Language: Java | Stargazers: 0 | Issues: 1 | Issues: 0
Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2022-21883

win32k LPE

Stargazers: 0 | Issues: 0 | Issues: 0

DriverAnalyzer

A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers (CVE makers!)

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

DriverBuddyReloaded

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

FileInsight-plugins

FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis

License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

FunctionStomping

A new shellcode injection technique. Given as C++ header or standalone Rust program.

License: BSD-2-Clause | Stargazers: 0 | Issues: 0 | Issues: 0
Stargazers: 0 | Issues: 0 | Issues: 0

injdrv

proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

Language: C | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

JNDI-Exploit-Kit

JNDI-Exploitation-Kit (a modified version of the great JNDI-Injection-Exploit created by @welk1n). This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

KernelBypassSharp

C# Kernel Mode Driver to read and write memory in protected processes

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

L4sh

Log4Shell RCE Exploit - a fully independent exploit that does not require any 3rd party binaries.

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

log4jpwn

log4j rce test environment

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Log4Shell

Check, exploit, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

MalMemDetect

Detect strange memory regions and DLLs

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

NamedPipe-NotPetya

Emulate NotPetya NamedPipe "server"

Language: C++ | Stargazers: 0 | Issues: 0 | Issues: 0

pe

A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

Language: Go | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

PowerRemoteDesktop

Remote Desktop entirely coded in PowerShell.

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

ProxyDLLExample

code for the Proxy DLL example blog post

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

pycobalt

Cobalt Strike Python API

Stargazers: 0 | Issues: 0 | Issues: 0

ScareCrow-CobaltStrike

Cobalt Strike script for ScareCrow payloads (EDR/AV evasion)

Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

Shellcode_Memory_Loader

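A shellcode memory loader implemented in Golang. It implements three ways of loading shellcode into memory: UUID loading, MAC loading and IPv4 loading. It currently gets past mainstream antivirus software (including Windows Defender).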

Stargazers: 0 | Issues: 0 | Issues: 0

TurokLoader

A sophisticated ransomware loader similar to Locky, Conti, Emotet and Ryuk

License: CC0-1.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Unhook-Import-Address-Table

Piece of code to detect and remove hooks in IAT

Stargazers: 0 | Issues: 0 | Issues: 0