clod81

followers

following

stars

Tier Zero Security

Organizations

zxsecurity

clod's repositories

block_service_workers

Extension to block Service Workers registration in Chrome (also see https://shadow-workers.github.io )

Language:JavaScriptMIT43 7 13

shellcode_runner_copy_in_chunk

C# loader that copies a chunk at the time of the shellcode in memory, rather that all at once

Language:C#2200

loader_process_hollow_copy_in_chunk

About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once

Language:C#12 10

shellcode_runner_copy_encoded_decode_after

C# loader that copies an encoded shellcode in memory and decodes after the initial memory write

Language:C#8 2 1

loader_process_hollow_decode_after_initial_write

C# loader that copies an encoded shellcode in memory in a suspended process and decodes it byte by byte afterwards

Language:C#300

jemquarie

Jemquarie provides an easy way to interact with Macquarie ESI api. For Ruby and Ruby on Rails.

Language:RubyMIT100

orpheus

Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

Language:Python100

aad-sso-enum-brute-spray

POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln

Language:PowerShell000

beef

The Browser Exploitation Framework Project

Language:JavaScript000

brown-bags

000

ChromeHttpRequestBlocker

Chrome extension that allows blocking HTTP request based on URL pattern definitions.

Language:JavaScriptApache-2.0010

Creds

Some usefull Scripts and Executables for Pentest & Forensics

Language:PowerShell010

D-Pwn

D/Invoke standalone shellcode runners

BSD-3-Clause000

DInvoke

Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.

000

eaphammer

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

GPL-3.0000

EDRSandblast-GodFault

EDRSandblast-GodFault

000

ess

Shopify's Enterprise Script Service

Language:RubyMIT000

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

GPL-3.0000

gmapsapiscanner

MIT000

iBoot

Language:C000

metasploit-framework

Metasploit Framework

Language:RubyNOASSERTION000

Neo-reGeorg

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

GPL-3.0000

oauth2

A Ruby wrapper for the OAuth 2.0 protocol.

Language:RubyMIT030

OSEP-Code-Snippets

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

000

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

CC-BY-SA-4.0000

SharpDPAPI

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

Language:C#NOASSERTION000

Shhhloader

SysWhispers Shellcode Loader (Work in Progress)

GPL-3.0000

STFUEDR

Silence EDRs by removing kernel callbacks

Language:C++010

token-incrementor

Burp extension to increment a parameter in each active scan request

Language:JavaApache-2.0020

Walrus

An Android app that lets you use your access control card cloning devices in the field.

Language:JavaGPL-3.0030