kleiton0x00's starred repositories
EDRSnowblast
This project is an EDRSandblast fork, adding some features and custom pieces of code.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
Chisel-Strike
A .NET XOR-encrypted Cobalt Strike aggressor implementation for chisel to utilize faster proxy and advanced SOCKS5 capabilities.
ModifyExports
Research of modifying exported function names at runtime (C/C++, Windows)
wifipassdump
Dump Wi-Fi passwords using the Win32 API
DLL-Hollow-PoC
DLL Hollowing PoC - Remote and Self shellcode injection
GhostlyHollowingViaTamperedSyscalls
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
domloggerpp
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
Process_Ghosting
Process Ghosting is a technique in which a process is created from a delete-pending file. This means the created process is not backed by a file. This is an evasion technique.
Learning-EDR-and-EDR_Evasion
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
SAMLRaider
SAML2 Burp Extension
DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
PartyLoader
Threadless shellcode injection tool