pywarez's starred repositories
IronSharpPack
IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then reflective load the C# project.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
FilelessPELoader
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
codewarrior
code-searching tool and static code analysis - Beta
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
AutomatedLab
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
static-binaries
Various *nix tools built as statically-linked binaries
passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
PowerShdll
Run PowerShell with rundll32. Bypass software restrictions.