oPen syLar's starred repositories
APCInjector
Windows kernel driver that injects DLLs into processes using APCs
MaliciousMacroMSBuild
Generates a malicious macro and executes PowerShell or shellcode via an MSBuild application whitelisting bypass.
MasterHide
An x64 Windows rootkit using SSDT or hypervisor hooks
LsassSilentProcessExit
Command line interface to dump LSASS memory to disk via SilentProcessExit
PowerLessShell
Run PowerShell command without invoking powershell.exe
RoguePotato
Another Windows Local Privilege Escalation from Service Account to System
Cobalt-Strike-CheatSheet
Some notes and examples for Cobalt Strike's functionality
HideProcess
A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
Invoke-PSImage
Encodes a PowerShell script in the pixels of a PNG file and generates a one-liner to execute it
spoofing-office-macro
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
EternalBlueC
EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader
Ark-Server-Plugins
Server Plugins for ARK: Server API
PowerShdll
Run PowerShell with rundll32. Bypass software restrictions.
sakeInject
Windows PE - TLS (Thread Local Storage) Injector in C/C++
delete-self-poc
A way to delete a locked file, or the currently running executable, on disk.
wifi-learner
A tool to infer the security handshake state machine of a given WiFi router. Useful for vulnerability analysis.