shincehor's starred repositories
BruteUnpackage
Brute-force cracking of a password-protected archive | Brute-force cracking of a password-protected compressed package
Shellcode-Hastur
Shellcode Reductio Entropy Tools
atexec-pro
Fileless atexec, no more need for port 445
BackupCreds
A C# implementation of dumping credentials from Windows Credential Manager
Advanced-TLS-Injection
A direct improvement to remote TLS Injection.
Thread-Pool-Injection-PoC
Proof of concept code for thread pool based process injection in Windows.
Evasive-Loader
Evasive loader to bypass static detection
TrueSightKiller
CPP AV/EDR Killer
interactive-execute-shellcode
A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe
HackBrowserDataManual
Get passwords/cookies/history from the browser and use the DevTools protocol to bypass EDR monitoring
maldev-links
My collection of malware dev links
NinjaInjector
Classic Process Injection with Memory Evasion Techniques implementation
RecycledGate
Hellsgate + Halosgate/Tartarosgate. Ensures that all system calls go through ntdll.dll
BusySleepBeacon
This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of the beacon's built-in Sleep() call. Most of the structure (e.g. the Sleep hook, shellcode execution, etc.) is taken from mgeeky's https://github.com/mgeeky/ShellcodeFluctuation.
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.
ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + API resolving from TIB + API hashing