superuser5's repositories
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
aws-api-models
A collection of documented and undocumented AWS API models
aws-genai-llm-chatbot
A modular and comprehensive solution to deploy a multi LLM powered chatbot (Amazon Bedrock, HuggingFace, OpenAI, AI21, Cohere) using AWS CDK on AWS
aws_url_signer
POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
coffee
A COFF loader made in Rust
CrackMaster
x86/x64 Ring 0/-2 System Freezer/Debugger
DarkFinger-C2
Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software
GCR-Google-Calendar-RAT
Google Calendar RAT is a PoC of Command&Control over Google Calendar Events
girlfriend
Girl Friend <- Generate Foundry Fork Test from Attack Transaction
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
llm-attacks
Universal and Transferable Attacks on Aligned Language Models
Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
Mshikaki
A shellcode injection tool showcasing various process injection techniques
NimBlackout
Kill AV/EDR leveraging BYOVD attack
PPLBlade
Protected Process Dumper Tool
redirectors
Create AWS redirectors.
Saleae-Logic2-HLA-TI-TRF7970A
High Level Analyzer for the Texas Instruments TRF7970A NFC chip on an SPI bus
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
SmmBackdoorNg
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
WMIExec
Set of Python scripts that perform different ways of command execution via the WMI protocol.