Robert's repositories
ReconNotes
Just some public notes that can be useful and I want to let the world know.
SecureAllTheThings
Secure all the things
AllTheThingsExec
Executes Blended Managed/Unmanaged Exports
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
amsi-tracer
Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) passed into AMSI during dynamic execution.
PowerShell
Some .ps1 scripts for pentesting
windows-exploitation
Fully based on Advanced Windows exploitation. Kernel driver exploitation, browser exploitation, heap spraying, etc.
Windows-Hacks
Creative and unusual things that can be done with the Windows API.
xss-payload-list
🎯 Cross Site Scripting (XSS) Vulnerability Payload List
chainbreaker
Mac OS X Keychain Forensic Tool
docker-jenkins
Docker file + scripts to create a Jenkins server secured with a self-signed SSL
experiments
Experiments
hidden
Windows driver with a usermode interface which can hide file-system and registry objects, protect processes, etc.
living-off-the-land
Fileless attack with persistence
MineSweeper
Windows user-land hooks manipulation tool.
Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2008R2 / 8 / 2012)
PoC-in-GitHub
📡 PoC auto collect from GitHub.
TheSubZeroProject
A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
tinypy
tpy, a pet python forked from tinypy
TransactedSharpMiniDump
Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writing the minidump to disk and exfiltrating it via HTTPS using sockets.
TransitionalPeriod
Experiment on producing Ring 0 to Ring 3 transition shellcode in C for x64 / x86. Uses PsSetContextThread() to direct execution. Interrupt Request Level (IRQL) migration from DISPATCH_LEVEL to PASSIVE_LEVEL is done via work items.