rixoye's repositories
CS-AutoPostChain
An OPSEC-based CobaltStrike post-exploitation automation chain
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
Beta
Beta versions of my software
BetterChatGPT
An amazing UI for OpenAI's ChatGPT (Website + Windows + MacOS + Linux)
ClipboardDump
Dump the contents of the clipboard of arbitrary format into separate files. WPF Application for Windows.
command
Quick reference for commonly used red team commands
confluence
The simplest Dockerfile for Confluence. Supports v8.9.1 (latest) and v8.5.9 (LTS).
EDRaser
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
Emergency-Response-Notes
Hands-on incident response notes: the self-cultivation of a security engineer.
Havoc
The Havoc Framework.
LdrLockLiberator
For when DLLMain is the only way
LyInjector
A powerful application-layer disassembly code injector that implements DLL injection, shellcode injection, and other functions; a good post-exploitation tool.
Modules
Modules used by the Havoc Framework
my_script_tools
Script tools written for day-to-day work, or existing tools modified through secondary development.
pwnat
The New technique to create NAT
qqwry
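The Chunzhen (qqwry) IP database, updated daily by automatically fetching the latest link published in the WeChat official account's posts.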
Quasar
Remote Administration Tool for Windows
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
SharpTerminator
Terminate AV/EDR Processes using kernel driver
suo5
A high-performance HTTP proxy tunneling tool
SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Talon
(Demo) 3rd party agent for Havoc
WID_LoadLibrary
Reverse engineering winapi function loadlibrary.
win12
Windows 12 web version, try it online. Click the link below to try it online.
Windows-APT-Warfare
Source code for the technical implementations in each chapter of the book "Windows APT Warfare:惡意程式前線戰術指南"
Windows-MS-LSAT-RPC-Example
Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD