tooBugs's repositories
FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
1earn
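A personally maintained security knowledge framework, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various target machines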
Blackout
kill anti-malware protected processes (BYOVD)
BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j remote code execution
DcRat
A simple remote tool in C#.
EagleMonitorRAT
Remote Access Tool Written In C#
fastjson_rce_tool
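A helper tool for fastjson vulnerability detection and a JNDI service exploitation tool (RMI/LDAP); supports response echo in some scenarios, in-memory shells, and other auxiliary exploitation features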
how2heap
A repository for learning various heap exploitation techniques.
Khepri
Free, Open-Source, Cross-platform agent and Post-exploitation tool written in Golang and C++.
linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation
loadlibrary
Porting Windows Dynamic Link Libraries to Linux
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
PEGASUS-LIME-HVNC
For the time being, project will be published like this, more as test of my protector project.
PegasusHVNC
This repo is just to teach owner a lesson, that life isn't Turkish soap drama and that there are consequences of behaving like soap actress ;)
PewSWITCH
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
phoneinfoga
Information gathering & OSINT framework for phone numbers
rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries.
spoof_call
spoof return address
StopDefender
Stop Windows Defender programmatically
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
tools
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
transacted_hollowing
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
unlicense
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.
Venom5-HVNC-Rat
https://venomcontrol.com/