khr0x40sh's repositories
Mockingjay
Tests and implementation of Mockingjay technique
CVE-2024-4956
CVE-2024-4956 Python exploitation utility
SharpMockingJay
C# / .NET implementation of the local DLL Injection use case of the MockingJay EDR Bypass technique
AmsiBypassHookManagedAPI
A new AMSI Bypass technique using .NET ALI Call Hooking.
AndroRAT
A simple Android remote administration tool using sockets. It uses Java on the client side and Python on the server side
AsmHalosGate
x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks
ASPJinjaObfuscator
Heavily obfuscated ASP web shell generation tool.
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
Divert
WinDivert: Windows Packet Divert
InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
pyJWT-testing
JWT testing with Python / Flask
RemoteShellcodeExec
Execute shellcode from a remote-hosted bin file using Winhttp.
RWXfinder
The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
SharpHalos
My implementation of Halo's Gate technique in C#
syscalls-rs
Rusty Syscalls - A direct or indirect Syscall library in Rust using the FreshyCalls/SysWhispers technique
SyscallsExample
Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
TartarusGate
TartarusGate, Bypassing EDRs
ThreadlessInject
Threadless Process Injection using remote function hooking.
ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
VirusTotalC2
Abusing VirusTotal API to host our C2 traffic, useful for bypassing blocking firewall rules if VirusTotal is in the target white list, and in case you don't have C2 infrastructure, now you have a free one
warlusts
If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've earned it.
wmiexec-Pro
New generation of wmiexec.py