PJ's repositories
teams_dump
PoC for dumping and decrypting cookies in the latest version of Microsoft Teams
CVE-2024-3094-info
Information for CVE-2024-3094
qu1ckdr0p2
Quickly serve files over http or https using flask.
qu1ckdr0p2-tools
Red Team / Pentest tooling used in Qu1ckdr0p2
Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
Disable-Windows-Defender-
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real-life apps, and reading research and news.
SharpLateral
Lateral Movement
BloodHound
Six Degrees of Domain Admin
Chimera
Automated DLL Sideloading Tool With EDR Evasion Capabilities
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Hooka
Evasive shellcode loader, hooks detector and more
impacket
Impacket is a collection of Python classes for working with network protocols.
MAAS
Malware As A Service
Modules
Modules used by the Havoc Framework
NetExec
The Network Execution Tool
p-invoke.net
P/Invoke definitions from the now offline pinvoke.net - Website: https://www.p-invoke.net/
PocOrExp_in_Github
Aggregates existing PoCs or Exps on GitHub; CVE information comes from the official CVE website. Auto Collect Poc Or Exp from Github by CVE ID.
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
protections-artifacts
Elastic Security detection content for Endpoint
PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
SharpExShell
SharpExShell automates the DCOM lateral movement technique which abuses the ActivateMicrosoftApp method of the Excel application.
SQL-BOF
Library of BOFs to interact with SQL servers