Lefteris Panos's repositories
ae64
basic amd64 alphanumeric shellcode encoder
Alcatraz
x64 binary obfuscator
CertifyKit
Active Directory certificate abuse
configmgr-cryptderivekey-hashcat-module
Hashcat module that can crack a password used to derive an AES-128 key with CryptDeriveKey from CryptoAPI
CreateProcess
A small PoC that creates processes in Windows
CSharp-Alt-Shellcode-Callbacks
A collection of (even more) alternative shellcode callback methods in CSharp
DCOMPotato
Some Service DCOM Object and SeImpersonatePrivilege abuse.
EtwSessionHijacking
A PoC on blocking Procmon from monitoring network events
Forensia
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
Lastenzug
Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
nanorobeus
COFF file (BOF) for managing Kerberos tickets.
PPLcontrol
Controlling Windows PP(L)s
PrintNotifyPotato
PrintNotifyPotato
RPC-Backdoor
A basic emulation of an "RPC Backdoor"
secret_handshake
A prototype malware C2 channel using x509 certificates over mTLS
SharpToken
.NET version of incognito
sigspoox
Spoofing signatures in Office Open XML Documents (Word, Excel, PowerPoint)
SnaffPoint
A tool for pointesters to find candies in SharePoint
TangledWinExec
C# PoCs for investigation of Windows process execution techniques
TaskSchedulerMisc
Misc TaskScheduler Plays
windows-coerced-authentication-methods
A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.