realmadaha's repositories
casper-fs
Casper-fs is a Custom Hidden Linux Kernel Module generator. Each module works in the file system to protect and hide secret files.
ConPtyShell
ConPtyShell - Fully Interactive Reverse Shell for Windows 10 and higher
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64), also tested OK on 3.10.x
Girsh
Automatically spawn a fully interactive reverse shell for a Linux or Windows victim
go-gtp
GTP (GPRS Tunneling Protocol) implemented in pure Golang.
gost
GO Simple Tunnel - a simple tunnel written in golang
hellMaker
Generate FUD backdoors
Invoke-DNSteal
Simple & Customizable DNS Data Exfiltrator
Killers
Exploitation of process killer drivers, including Avast and PowerTools drivers
lsassy
Extract credentials from lsass remotely
MemoryModulePP
A MemoryModule that is compatible with the Win32 API and supports exception handling
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
mhydeath
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
openssh-backdoor
Experimental and sneaky backdoor patch for OpenSSH Portable, tested on Red Hat 7.9.
PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
PPLmedic
Dump the memory of any PPL with a Userland exploit chain
r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
RunPE
C# Reflective loader for unmanaged binaries.
SIMTester
A tool to test SIM card security
sliver-red-team-framework
Adversary Emulation Framework
SmmBackdoorNg
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
Venom
Venom is a library meant to perform evasive communication using a stolen browser socket
WinArk
Windows Anti-Rootkit Tool
Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.