strf0x's repositories
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
BlackLotus
BlackLotus UEFI Windows Bootkit
BMJ
Code snippets for bare-metal malware development
boopkit
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
CVE-2021-40444
CVE-2021-40444 PoC
docker-elk
The Elastic stack (ELK) powered by Docker and Compose.
ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
Jektor
A Windows user-mode shellcode execution tool that demonstrates various techniques that malware uses
Linux-Tools-in-Go
A repository of various Linux tools rewritten in Go for educational purposes.
Log4shell_JNDIExploit
Among the existing Log4shell practice materials JNDIExploit v1.2
msflib
A golang library designed to interact with Metasploit
prox5
🧮 SOCKS5/4/4a 🌾 validating proxy pool for 🤽 LOLXDsoRANDum connections 🎋
red_team_attack_lab
Red Team Attack Lab for TTP testing & research
Reptile
LKM Linux rootkit
SharpStay
.NET project for installing Persistence
strf0x-blog
blog on hacking, infosec, blue/red/purple teaming, engineering and AI
strf0x1_golang_notes
various notes on golang
TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
VMProtect-Source
Source of VMProtect (NOT OFFICIALLY)
WarFox
A proof-of-concept HTTPS beaconing Windows implant and multi-layered proxy C2 network designed for covert APT emulation engagements
whitebox_practice_AWAE_OSWE
Practice applications for AWAE and OSWE. Vulnerable applications for use in white-box code-review exercises.
WindowsExploitationResources
Resources for Windows exploit development