Ricardo Ruiz's repositories
NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
wifi-pentesting-guide
WiFi Penetration Testing Guide
WhoamiAlternatives
Different methods to get current username without using whoami
covert-tube
YouTube as a covert channel - Control systems remotely and execute commands by uploading videos to YouTube
SharpCovertTube
YouTube as C2 - Control Windows systems by uploading videos to YouTube
instagram-user-id
Get the user ID of any user on Instagram
SharpSelfDelete
PoC to self-delete a binary in C#
p-invoke.net
P/Invoke definitions from the now offline pinvoke.net - Website: https://www.p-invoke.net/
spotify-playlist-downloader
Downloading Spotify Playlists
SharpObfuscate
Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
MinidumpParser
C# program to parse Microsoft Minidump files and their streams
jeringuilla
Process injection framework in C#. It uses dynamic function loading using delegates and AES-encryption for strings and payloads
SharpNtdllOverwrite
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder, a debugged process or a URL
GetModuleHandle
GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB
GetProcAddress
GetProcAddress implementation in C# walking the PEB using only ReadProcessMemory
SharpProcessDump
Dump memory regions of a process using NtQueryVirtualMemory and NtReadVirtualMemory
StealthyEnv
Stealthier alternative to whoami.exe in C#; it gets environment variables from the PEB (PRTL_USER_PROCESS_PARAMETERS)
goNtdllOverwrite
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder or a debugged process
pyNtdllOverwrite
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder or a debugged process
botnet-ssh-control
Botnet Command and Control (C&C) controlled via SSH. Based on the Paramiko library
dns-exfiltration
Notes and custom scripts for DNS exfiltration
lsass-dumper-csharp
Custom lsass.exe dump using C#: XOR-encoding, Dynamic function resolution, using NTAPIs...
rop-emporium-exploits
ROP Emporium - Exploits and brief walkthroughs
GetModuleHandleRemote
GetModuleHandle implementation in C# for remote processes using only NTAPIs
ricardojoserf.github.io
My blog :)
ricardojoserf
GitHub profile readme
ricardojoserf.herokuapp.com
My personal blog