k4mu5's repositories
cve_2024_0044
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
TheBhTiNjector
TheBhTiNjector is a file binder that can concatenate two or more files of certain extensions while preserving the integrity of the files, and gives you the option of injecting shellcode into them.
Conocimiento_Obsidian
Link where I will share an Obsidian file containing the compilation of all my notes on various branches of computing with the channel's followers, so that we can maintain a shared knowledge base. I have to share this file through an external link because of GitHub's storage limit.
pgrok
Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding
darkPulse
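darkPulse is a shellcode packer written in Go, used to generate a wide variety of shellcode loaders that evade antivirus products common in China, such as Huorong and 360 Core Crystal.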
BrowserBox
🌀 Browse the web from a browser you run on a server, rather than on your local device. Lightweight virtual browser. For security, privacy and more! By https://github.com/dosyago
evillnk
Python GUI based tool to generate lnk files with a payload and decoy files embedded inside.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
CVE-2024-23897--Pinguino-Mario-
PoC to exploit the vulnerability CVE-2024-23897 in Jenkins versions 2.441 and earlier, through which we can read internal system files without being authenticated
phoneinfoga
Information gathering framework for phone numbers
CloudflareBypassForScraping
A Cloudflare verification bypass script for web scraping
AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
Supernova
Real fucking shellcode encryptor & obfuscator tool
Pixel_GPU_Exploit
Android 14 kernel exploit for Pixel7/8 Pro
joomscan
OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/
obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
reverse-shell-generator
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
devika
Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective. Devika aims to be a competitive open-source alternative to Devin by Cognition AI.
android-penetration-testing-cheat-sheet
Work in progress...
gophish
Open-Source Phishing Toolkit
xz-vulnerable-honeypot
An ssh honeypot with the XZ backdoor. CVE-2024-3094