RATandC2-Features's repositories
Keyloger-KeyStriker
A Linux keylogger
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
yuze
A socksv5 proxy tool written in C. A lightweight intranet tunneling tool based on the socks5 protocol, implemented in pure C, supporting all of ew's data forwarding modes
COFF-Loader
A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
SharpVeeamDecryptor
Decrypt Veeam database passwords
No-Consolation
A BOF that runs unmanaged PEs inline
LdrLibraryEx
A small x64 library to load DLLs into memory.
Shaco
[ Implant ] Shaco is a Linux agent for Havoc
Little-CRT
remove c-runtime dependencies
psinline
in-process powershell runner for BRC4
LoudSunRun
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts
Melon
A generic cross-platform asynchronous high-performance C framework, including a lot of components and a new coroutine script language Melang.
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Packer
Packer is a compact, fast and cross-platform serialization library for storing data in a buffer
maldev
⚠️ malware development
graftcp
A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
RDPCredentialStealer
RDPCredentialStealer is malware that steals credentials provided by users in RDP, using API hooking with Detours in C++
socks5
Basic Reverse SOCKS5 proxy client with simple GUI
Inline-Execute-PE
Execute unmanaged Windows executables in CobaltStrike Beacons
curve25519_2
Highly efficient implementation of elliptic curve 25519
curve25519
[key exchange] C# .NET Port of the Curve25519 Diffie-Hellman function
HttpInterface
[Communication] A C++ HTTP library wrapper for Windows, with three implementation modes (WinInet, WinHttp, socket)
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
ReflectiveLdr
Position-independent Windows DLL loader based on the ReflectiveDLL project.