ognz's repositories
sploitcraft
Hacking Guides, Demos and Proof-of-Concepts (red team infra)
edr_blocker
Blocks EDR telemetry by performing a Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello packet and the provided blocked server name (or blocked string) list in the file.
fileless-elf-exec
Execute ELF files without dropping them on disk
galah
Galah: An LLM-powered web honeypot. Wasting attackers' time with faker-than-ever HTTP responses!
Voidgate
Hides well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
GoRedOps
advanced techniques and offensive malware in Golang
Pentest-Windows
Windows internals and exploitation tricks
File-Tunnel
Tunnel TCP connections through a file
user-kernel-syscall-hook
excellent walkthrough
OffensiveGolang
A collection of offensive Go packages inspired by different Go repositories.
Symbiotic-Lua
a template for hybrid programming between lua and C
shellcodeish
Gaining access to ntdll and kernel32 functions by navigating TEB, PEB and others on x86 and amd64 Windows
TrollAMSI
Doesn't touch amsi.dll, doesn't do syscalls (DYSWIDT!)
TrollUAC
Funny little bypass w/ OSK
mystique-self-injection
PoC / different approach to Mockingjay Self-Injection. Self-modifying Server
AngryOxide
yet another 802.11 Attack Tool
Training-MSOfficeOffensiveTradecraft
Info related to the Outflank training: Microsoft Office Offensive Tradecraft
FullBypass
bypass AMSI and PowerShell CL, toss FullLanguage PowerShell reverse shell
emba
EMBA - The firmware security analyzer
BlueToolkit
extensible Bluetooth Classic vulnerability testing framework
C-from-Scratch
A roadmap to learn C from Scratch
ReVens
Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
xp
💻 Windows XP All Editions Universal Collection
unch
Hides message with invisible Unicode characters
dropper
Office Macro Enabled Dropper for DLL SideLoading
awesome-code-ai
A list of AI coding tools (assistants, completions, refactoring, etc.)
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
403jump
HTTP 403 bypass tool
DGWR
Don't Gamble with Risk