th30c0der's repositories
Dirty-Vanity
A PoC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
File-Unpumper
Simple file unpumper for people who reverse malware
Bitrat-Hvnc-Rat-Remote-Control-Av-Bypass
It is the latest version of the best PC RAT 2022 in the market. It is used by hackers to remotely access their victims.
CE-Extensions
Extensions I've made for Cheat Engine (place in autorun folder)
cheat-engine
Cheat Engine. A development environment focused on modding
cspro
This is Cobalt Strike 4.5 Pro licensed
CVE-2022-40684
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
CVE-2022-41852
CVE-2022-41852 Proof of Concept (unofficial)
CVE-2023-21823_LPE
CVE-2023-21823 PoC
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
elements
Open Source implementation of advanced blockchain features extending the Bitcoin protocol
Firefox-Grabber
Grab Firefox POST requests by hooking the PR_Write function from the nss3.dll module using a trampoline hook to get passwords and emails of users
gost
GO Simple Tunnel - a simple tunnel written in golang
libwebsockets
canonical libwebsockets.org networking library
LPE-cve-2023-29360-
Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
mRemoteNG
mRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.
nuclei
Fast and customizable vulnerability scanner based on a simple YAML-based DSL.
Rc4Encryption
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption
Real-Time-Voice-Cloning
Clone a voice in 5 seconds to generate arbitrary speech in real-time
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Token-Grabber-Advanced
This is an advanced Discord token grabber which sends you, through a Discord webhook, all account information of the victim, including new features (bio / banner...)
websocketpp
C++ websocket client/server library
whatsapp-viewer
Small tool to display chats from the Android msgstore.db database (crypt12)