ElementDemons's repositories
Anti-Rootkit
Windows Anti-Rootkit Tool
0day
EXPs and POCs for vulnerabilities in various CMSes, platforms, operating systems and software; this project will be updated continuously.
AtomLdr
A DLL loader with advanced evasive features
awesome-useful-tools
Useful tools for red team or blue team work.
Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel-mode rootkit. The rootkit can be loaded with DSE enabled while retaining its full functionality.
BypassAV
This map lists the essential techniques for bypassing anti-virus and EDR products.
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
CVE-2022-37969
Windows LPE exploit for CVE-2022-37969
drvscan
Handy tool for scanning for memory changes in driver executable pages.
Fortnite-External
Fortnite external cheat release; features aimbot and ESP.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real-life apps, and from reading research and news.
HummerRisk
HummerRisk is a cloud-native security platform covering hybrid-cloud security governance and container-cloud security detection.
hv
Lightweight Intel VT-x Hypervisor.
hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
HWSyscalls
HWSyscalls is a new method for executing indirect syscalls using hardware breakpoints (HWBP), HalosGate and a synthetic trampoline in kernel32.
HyperVisor-Injector
Easy-to-use hypervisor injector for games protected by Easy Anti-Cheat and BattlEye; supports AMD and Intel; undetected and actively updated.
Killer
Killer is a tool created to evade AVs, EDRs and other security tools.
MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
MemProcFS
MemProcFS: The Memory Process File System.
nullmap
Uses CVE-2023-21768 to manually map a kernel-mode driver.
Process-Hollowing-1
Process Hollowing in C++ (x86 / x64): replaces the PE image of a target process.
RedTeaming_CheatSheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up to date.
ret-sync
ret-sync is a set of plugins that help synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with the IDA/Ghidra/Binary Ninja disassemblers.
saferwall
Collaborative malware analysis platform at scale.
UnhookingPatch
Bypasses EDR hooks by patching the NT API stub and resolving SSNs and syscall instructions at runtime.
wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Win32_Offensive_Cheatsheet
Win32 and Kernel abusing techniques for pentesters
Windows-Machine-Learning
Samples and Tools for Windows ML.
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
ZeroThreadKernel
Recursive and arbitrary kernel-level code execution without creating a system thread.