tsjohn's repositories
Alien
Website Management Tool
ArcEnabledServersGroupPolicy
Guidance and sample code to perform at-scale onboarding of servers to Arc via Group Policy
awesome-ida-x64-olly-plugin
A curated list of IDA, x64DBG, Ghidra and OllyDBG plugins.
Awesome-Redteam
A red team knowledge repository
BehinderClientSource
Behinder (冰蝎) client source code, V4.0.2
ghidra
Ghidra is a software reverse engineering (SRE) framework
session-android
A private messenger for Android.
C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
CVE-2022-37969
Windows LPE exploit for CVE-2022-37969
impacket-programming-manual
impacket programming manual
pe_to_shellcode
Converts PE into a shellcode
PPLBlade
Protected Process Dumper Tool
PPLinject
Inject unsigned DLL into Protected Process Light (PPL)
PPLmedic
Dump the memory of any PPL with a Userland exploit chain
pypykatz
Mimikatz implementation in pure Python
RDI-SRDI
This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
Reg-Restore-Persistence-Mole
A short C code POC to gain persistence and evade the Sysmon registry event codes (creation, update and deletion) produced by the REG_NOTIFY_CLASS registry callback of the Sysmon driver filter. This POC will use the RegSaveKeyExW() and RegRestoreKeyW() APIs, which are not included in monitoring.
RemoteShellcodeExec
Execute shellcode from a remote-hosted bin file using Winhttp.
rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
SharpToken
Windows Token Stealing Expert
Socks5Server
Windows C/C++ Socks5 Server
systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
tiny-bignum-c
Small portable multiple-precision unsigned integer arithmetic in C
Windows_MSKSSRV_LPE_CVE-2023-36802
LPE exploit for CVE-2023-36802
YingJiXiangYing
Incident response