Keybo@rd007's repositories
AlphaGolang
IDApython Scripts for Analyzing Golang Binaries
bazaar
Android security & privacy analysis for the masses
covert-control
Google Drive, OneDrive and YouTube as covert channels - Control systems remotely by uploading files to Google Drive, OneDrive, YouTube or Telegram
DInjector
Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
DonPAPI
Dumping DPAPI credz remotely
EDRHunt
Scan installed EDRs and AVs on Windows
Finger
A tool for recognizing function symbols
GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.
hashdb-ida
HashDB API hash lookup plugin for IDA Pro
KaliIntelligenceSuite
Kali Intelligence Suite (KIS) aids in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is stored internally in a structured manner to allow fast identification and visualisation of the collected information.
melting-cobalt
A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
nosferatu
Lsass NTLM Authentication Backdoor
ntfstool
Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
OffensiveRust
Rust Weaponization for Red Team Engagements.
OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
Owfuzz
Owfuzz: a WiFi protocol fuzzing tool
r2con2021_deobfuscation
Workshop Material on VM-based Deobfuscation
riotpot
Resilient IoT and Operational Technology Honeypot
SharpSystemTriggers
Collection of remote authentication triggers in C#
Shellcode-Injection-Techniques
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.
Skrull
Skrull is a malware DRM that prevents automatic sample submission by AV/EDR and signature scanning from the kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. The launchers are also anti-copy and naturally break when submitted.
sleep_python_bridge
This project is a 'bridge' between the Sleep and Python languages. It allows control of a Cobalt Strike teamserver through Python without the need for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing; it is in no way an officially supported feature. Perhaps this could be something added to the core product in the future.
sliver
Adversary Emulation Framework
TheMacHardeningScripts
Scripts to secure and harden Mac OS X
WPBT-Builder
A simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.