eversinc33

еверсинц33's repositories

Banshee

Experimental Windows x64 Kernel Rootkit.

Language:C++413 11 2

BouncyGate

Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).

Language:Nim176 40

unKover

PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.

Language:C++109 30

GpuDecryptShellcode

XOR decrypting shellcode using the GPU with OpenCL.

Language:C++82 40

MalwareAdventurez

My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.

Language:C++67 20

Invoke-Pre2kSpray

Enumerate domain machine accounts and perform pre2k password spraying.

Language:PowerShell6100

SharpStartWebclient

Programmatically start WebClient from an unprivileged session to enable that juicy privesc.

Language:C#60 20

Godmode

Tool for playing with Windows Access Token manipulation.

Language:C51 30

1.6-C2

Using the Counter Strike 1.6 RCON protocol as a C2 Channel.

Language:C++50 10

CredGuess

Generate password spraying lists based on the pwdLastSet-attribute of users.

Language:Python49 2 1

deepsea

Deepsearch leak database client, as an alternative for pwndb

Language:Python15 2 2

RDPassSpray

Python3 tool to perform password spraying using RDP

Language:PythonGPL-3.015 10

Talks

Repository for slide decks of public talks I've given.

1400

urlExtract

Recursively extract urls from a web page for reconnaissance.

Language:Go8 2 1

Web-Windows-Login-Phishing

Web based fake Windows Login Screen Phishing.

Language:HTMLMIT800

YA-PSX-EMU

Playstation (PSX) Emulator (WIP).

Language:C++3 20

Bitmancer

Nim Library for Offensive Security Development

Language:NimGPL-3.02 10

ghidra-WDF-gdt

Ghidra .gdt files for parts of the Kernel Mode Driver Framework (KMDF) part of WDF

Language:C200

Malware_Analysis_Scripts

Scripts used for malware analysis / reversing.

Language:Python2 20

eversinc33.github.io

Language:HTML1 20

toolbox-pentest-web

Docker toolbox for pentest of web based application.

Language:PythonGPL-3.01 10

aadint

Language:PowerShellMIT010

eversinc33

020

ItWasAllADream

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

Language:Python010

monero

Monero: the secure, private, untraceable cryptocurrency

Language:C++NOASSERTION010

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

MIT000

PowerSharpPack

Language:PowerShell010

PrivescCheck

Privilege Escalation Enumeration Script for Windows

BSD-3-Clause000

SharpHound

C# Data Collector for BloodHound

Language:C#GPL-3.0010

SharpHoundCommon

Common library used by SharpHound.

Language:C#GPL-3.0010