Shantanu Khandelwal's repositories
Certificate-Transparency-Monitor---Rust
This project monitors certificate transparency lists. An additional feature is that it can be used to monitor with wildcards from bug bounties.
RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
ApiHashing
Replacing GetModuleHandle & GetProcAddress as a God
AutoAppDomainHijack
Automated .NET AppDomain hijack payload generation
awesome-injection
Centralized resource for listing and organizing known injection techniques and POCs
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
ChromeKatz
Dump cookies directly from Chrome process memory
CTL-Parse
My attempt to parse the list to get some good info
CVE-2024-21111
Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
DDSpoof
DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.
devika
Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective. Devika aims to be a competitive open-source alternative to Devin by Cognition AI.
DLLirant-1
DLLirant is a tool to automate DLL hijacking research on a specified binary.
ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
FalconHound
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
JS-Tap
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
MoneyPrinterTurbo
Generate high-definition short videos with one click using AI large language models.
okta-terrify
Okta Verify and Okta FastPass Abuse Tool
roop
one-click face swap
SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
SharpGraphView
Microsoft Graph API post-exploitation toolkit
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.