BruceBatman's repositories
BatDLLLoader
BatBasic BatDLL BatLoader and injection into a Bat Process.
AtomLdr
A DLL loader with advanced evasive features
BenevolentLoader
Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
Cloudflare-Redirector
Just another C2 Redirector using CloudFlare.
etwunhook
Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
ExecIT
Execute shellcode files with rundll32
FormThief
Spoofing desktop login applications with WinForms and WPF
GhostlyHollowingViaTamperedSyscalls
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
GoRedOps
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language. All is made for educational purposes only.
hash-dumper
Windows NTLM hash dump utility written in C that supports Windows and Linux. Hashes can be dumped in real time or from already saved SAM and SYSTEM hives.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
Jomungand
Shellcode Loader with memory evasion
KDU
Kernel Driver Utility
LatLoader
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
LdrLibraryEx
A small x64 library to load DLLs into memory.
MalwareDevelopment
The projects I'm more confident in while learning MalDev
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
OffensivePascal
Pascal Offsec repo for malware dev and red teaming 🚩
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
powerview.py
Just another Powerview alternative
Proxy-DLL-Loads
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
RedTeamHelp
Tools I use on red team engagements and more
RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
skuld
Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)
UnlinkDLL
DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
xeno-rat
Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!