gavz's repositories
BOF_All_Things
Beacon Object Files (BOF) for Cobalt Strike.
goffloader_bof
A Go implementation of Cobalt Strike style BOF/COFF loaders.
hookchain_EDR
HookChain: A new perspective for Bypassing EDR Solutions
limoncello_LLVM
Yet another LLVM-based obfuscator
RemoteSessionEnum
Remotely Enumerate sessions using undocumented Windows Station APIs
sdb_debugger
Source code for the book Building a Debugger
win32-shellcode
Win32 Shellcode CheatSheet: Your visual guide for crafting and understanding shellcode. Ideal for malware and exploit developers.
BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
Bypass-Four03
Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulation techniques. It also includes fuzzing for HTTP methods and protocol versions, making it a versatile addition to any web security researcher's toolkit.
DGPOEdit
Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
EchoStrike
Deploy undetectable reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.
EXE-or-DLL-or-ShellCode
Just a simple silly PoC demonstrating an executable "exe" file that can be used like an exe, dll or shellcode...
exploits_byob
Repo for all my exploits/PoCs
GhostStrike
Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.
Infiltrax_AnyDesk
Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, and install AnyDesk for persistent remote access.
kerberos_aes_key
Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
MyMSIAnalyzer
Analyse MSI files for vulnerabilities
NamedPipeMaster
A tool used to analyze and monitor named pipes
PPLrevenant
Bypass LSA protection using the BYODLL technique
priv8-Nuclei
This repo contains all the Nuclei templates for particular vulnerabilities that I used mostly while hunting.
ProcessInjectionTechniques
This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository of knowledge, offering in-depth exploration of various process injection techniques used by adversaries.
RT-workshop-2024
Files and videos from the 2024 Red Team workshop with Hunt Learn
ShellGen
PowerShell script to generate ShellCode in various formats
stalksnet_stuxnet
A few STUXNET samples and live traffic captures from July 2010 while many stuxnet implants were still operational.
V8sandbox_bypass
V8sandbox_bypass using stack misalignment
WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities