ognz's repositories
403jump
HTTP 403 bypass tool
AngryOxide
yet another 802.11 Attack Tool
awesome-code-ai
A list of AI coding tools (assistants, completions, refactoring, etc.)
BlueToolkit
extensible Bluetooth Classic vulnerability testing framework
C-from-Scratch
A roadmap to learn C from Scratch
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
DGWR
Dont Gamble with Risk
dropper
Office Macro Enabled Dropper for DLL SideLoading
edr_blocker
Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Client Hello packet and the provided blocked server name (or blocked string) list in the file.
emba
EMBA - The firmware security analyzer
File-Tunnel
Tunnel TCP connections through a file
fileless-elf-exec
Execute ELF files without dropping them on disk
FullBypass
bypass AMSI and PowerShell CL, toss FullLanguage PowerShell reverse shell
galah
Galah: An LLM-powered web honeypot. Wasting attackers' time with faker-than-ever HTTP responses!
GoRedOps
advanced techniques and offensive malware in Golang
mystique-self-injection
PoC / different approach to Mockingjay Self-Injection. Self-modifying Server
OffensiveGolang
A collection of offensive Go packages inspired by different Go repositories.
Pentest-Windows
Windows internals and exploitation tricks
ReVens
Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.
shellcodeish
Gaining access to ntdll and kernel32 functions by navigating TEB, PEB and others on x86 and amd64 Windows
sploitcraft
Hacking Guides, Demos and Proof-of-Concepts (red team infra)
Symbiotic-Lua
a template for hybrid programming between lua and C
Training-MSOfficeOffensiveTradecraft
Info related to the Outflank training: Microsoft Office Offensive Tradecraft
TrollAMSI
doesn't touch amsi.dll, doesn't do suscalls (DYSWIDT!)
TrollUAC
Funny little bypass w/ OSK
unch
Hides message with invisible Unicode characters
user-kernel-syscall-hook
excellent walkthrough
Voidgate
hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
xp
💻 Windows XP All Editions Universal Collection