Cody Gilbert's repositories
Sharp
Lightweight implant/RAT tool that runs machine code for its functionality.
injection
Windows process injection methods
PortBender
TCP Port Redirection Utility
laZzzy
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
Dirty-Vanity
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
VenomRAT-HVNC-5.6
VenomRAT-HVNC 5.6, this is the latest version with a working HVNC module !
SealighterTI
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
Mythic_Docker_Templates
Templates and code for Dockerfiles with images hosted at https://hub.docker.com/u/itsafeaturemythic
ShellcodeLoader-1
该项目为Shellocde加载器,详细介绍了我们如何绕过防病毒软件,以及该工具如何使用
MemoryModule
A tool to parse and load module in memory, as well as attach a DLL in EXE. Most of the functions are inline, so that it can also be used in shellcode.
RTImplant
Just another casual shellcode native loader
uuid-loader
UUID based Shellcode loader for your favorite C2
Callback_Shellcode_Injection
POCs for Shellcode Injection via Callbacks
apc-injection
Process Injection: APC Injection
MagicLib
Non organized Cpp code files I used for my research on Windows
NINA
NINA: No Injection, No Allocation x64 Process Injection Technique
JSON-Parser
JSON Parser for Charles logs.
Stitch
Python Remote Administration Tool (RAT)
libmicrohttpd
Fork of http://www.gnu.org/software/libmicrohttpd/