ricardojoserf

Ricardo Ruiz 's repositories

wifi-pentesting-guide

WiFi Penetration Testing Guide

Language:Python370 12 1

NativeDump

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)

Language:C#316 4 1

WhoamiAlternatives

Different methods to get current username without using whoami

Language:C#172 20

covert-tube

Youtube as covert-channel - Control systems remotely and execute commands by uploading videos to Youtube

Language:Python105 40

SharpCovertTube

Youtube as C2 - Control Windows systems uploading videos to Youtube

Language:C#63 2 1

instagram-user-id

Get the user ID of any user in instagram

Language:Python32 2 7

spotify-playlist-downloader

Downloading Spotify Playlists

Language:Python19 3 2

p-invoke.net

P/Invoke definitions from the now offline pinvoke.net - Website: https://www.p-invoke.net/

18 10

OSED-prep

Exploits written while preparing for the OSED exam

Language:Python17 10

SharpObfuscate

Obfuscate payloads using IPv4, IPv6, MAC or UUID strings

Language:C#11 10

SharpNado

Repository to gather all .NET malware related code snippets or programs I will develop

800

jeringuilla

Process injection framework in C#. It uses dynamic function loading using delegates and AES-encryption for strings and payloads

Language:C#7 10

MinidumpParser

C# program to parse Microsoft Minidump files and their streams

Language:C#7 20

SharpNtdllOverwrite

Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder, a debugged process or a URL

Language:C#6 10

GetProcAddress

GetProcAddress implementation in C# walking the PEB using only ReadProcessMemory

Language:C#5 10

SharpProcessDump

Dump memory regions of a process using NtQueryVirtualMemory and NtReadVirtualMemory

Language:C#500

SharpSelfDelete

PoC to self-delete a binary in C#

Language:C#500

GetModuleHandle

GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB

Language:C#4 10

StealthyEnv

Stealthier alternative to whoami.exe in C#, it gets environment variables from PEB (PRTL_USER_PROCESS_PARAMETERS)

Language:C#4 10

botnet-ssh-control

Botnet Command and Control (C&C) controlled via SSH. Based in Paramiko library

Language:Python3 10

dns-exfiltration

Notes and custom scripts for DNS exfiltration

Language:Python2 10

lsass-dumper-csharp

Custom lsass.exe dump using C#: XOR-encoding, Dynamic function resolution, using NTAPIs...

Language:C#2 10

rop-emporium-exploits

Rop Emporium - Exploits and brief Walkthroughs

Language:Python2 10

GetModuleHandleRemote

GetModuleHandle implementation in C# for remote processes using only NTAPIs

Language:C#100

go-GetProcessByName

Get process handle(s) from process name using NtGetNextProcess and GetProcessImageFileName

Language:Go100

niidoru

Framework for Process Injection in Windows using Go

Language:Go100

ricardojoserf.github.io

My blog :)

Language:SCSS1 10

pyNtdllOverwrite

Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder or a debugged process

Language:Python000

ricardojoserf

Github profile readme

010

ricardojoserf.herokuapp.com

My personal blog

Language:Python020