tsjohn's starred repositories
security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
Process-Hollowing
Great explanation of process hollowing (a technique often used in malware)
BestEdrOfTheMarket
Little user-mode AV/EDR evasion lab for training & learning purposes
Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
oss-fuzz-gen
LLM powered fuzzing via OSS-Fuzz.
Inline-Execute-PE
Execute unmanaged Windows executables inside Cobalt Strike Beacons
token-priv
Token Privilege Research
ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
TitanEngine
TitanEngine Community Edition. Debug engine used by x64dbg.
x64dbg_plugin
A collection of x64dbg plugins
awesome-cve-poc
✍️ A curated list of CVE PoCs.
UnhookingPatch
Bypass EDR hooks by patching the NT API stubs, resolving SSNs and syscall instructions at runtime
NTDLLReflection
Bypass userland EDR hooks by loading a reflective copy of ntdll into memory from a remote server (selected by Windows ReleaseID), so no handle to the on-disk ntdll is opened, and calling its exported APIs via the export table
FilelessPELoader
Loads a remote AES-encrypted PE into memory, decrypts it and runs it
Shellcode-Hide
This repo contains: a simple shellcode loader, encoders (base64, custom, UUID, IPv4, MAC), encryptors (AES) and fileless loaders (WinHTTP, socket)
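The IPv4/MAC/UUID encoders listed above all rely on the same trick: a raw byte buffer is chunked and printed as innocuous-looking strings (addresses, hardware addresses, GUIDs) so the payload never appears as a contiguous blob in the binary or on the wire. The following Python is an added example written for this page, not code from Shellcode-Hide; it assumes NOP (0x90) padding for the last chunk and the little-endian field layout that `UuidFromStringA` uses (both are choices made for the example), and the "shellcode" is a constructed stub, not a working payload.

```python
import uuid
from typing import List, Optional

# Alignment padding appended to the final chunk; 0x90 is an x86 NOP (example choice).
NOP = 0x90

# Constructed sample input: a few stub bytes, not a functional payload.
SAMPLE = bytes.fromhex("fc4883e4f0e8c0000000")


def _pad(data: bytes, block: int) -> bytes:
    """Pad with NOPs so every chunk is exactly `block` bytes wide."""
    return data + bytes([NOP]) * ((-len(data)) % block)


def _trim(data: bytes, length: Optional[int]) -> bytes:
    """Drop the padding again when the caller knows the original length."""
    return data if length is None else data[:length]


def encode_ipv4(sc: bytes) -> List[str]:
    """4 bytes per chunk -> dotted-quad string, e.g. b'\\xfcH\\x83\\xe4' -> '252.72.131.228'."""
    data = _pad(sc, 4)
    return [".".join(str(b) for b in data[i:i + 4]) for i in range(0, len(data), 4)]


def decode_ipv4(addrs: List[str], length: Optional[int] = None) -> bytes:
    """Inverse of encode_ipv4; each octet is parsed back into one byte."""
    return _trim(b"".join(bytes(int(o) for o in a.split(".")) for a in addrs), length)


def encode_mac(sc: bytes) -> List[str]:
    """6 bytes per chunk -> 'AA-BB-CC-DD-EE-FF' hardware-address string."""
    data = _pad(sc, 6)
    return ["-".join(f"{b:02X}" for b in data[i:i + 6]) for i in range(0, len(data), 6)]


def decode_mac(macs: List[str], length: Optional[int] = None) -> bytes:
    """Inverse of encode_mac; hex pairs are parsed back into bytes."""
    return _trim(b"".join(bytes.fromhex(m.replace("-", "")) for m in macs), length)


def encode_uuid(sc: bytes) -> List[str]:
    """16 bytes per chunk -> GUID string.

    bytes_le mirrors the in-memory GUID layout (first three fields little-endian),
    so a loader that parses the string with UuidFromStringA gets the original
    byte order back (assumption made for this example).
    """
    data = _pad(sc, 16)
    return [str(uuid.UUID(bytes_le=data[i:i + 16])) for i in range(0, len(data), 16)]


def decode_uuid(uuids: List[str], length: Optional[int] = None) -> bytes:
    """Inverse of encode_uuid using the same little-endian field layout."""
    return _trim(b"".join(uuid.UUID(u).bytes_le for u in uuids), length)


if __name__ == "__main__":
    for name, enc, dec in (
        ("ipv4", encode_ipv4, decode_ipv4),
        ("mac", encode_mac, decode_mac),
        ("uuid", encode_uuid, decode_uuid),
    ):
        encoded = enc(SAMPLE)
        assert dec(encoded, len(SAMPLE)) == SAMPLE
        print(name, encoded)
```

From a detection standpoint the encoded strings are exactly what to hunt for: a binary with a long run of dotted quads or GUIDs that is never used as a network address or COM identifier, paired with imports such as `RtlIpv4StringToAddressA`, `RtlEthernetStringToAddressA` or `UuidFromStringA`, is a strong indicator that a buffer is being rebuilt at runtime.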
Microsoft-Activation-Scripts
A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
WjCryptLib
Public Domain C Library of Cryptographic functions. Including: MD5, SHA1, SHA256, SHA512, RC4, AES, AES-CTR, AES-OFB, AES-CBC
DSInternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
BypassAntiVirus
A series of articles on AV evasion for remote-access tools (RATs) with accompanying tooling: it surveys and tests dozens of evasion tools found online, 113 whitelist (trusted-binary) evasion methods, 8 compile-time evasion techniques and several hands-on evasion techniques, evaluating the effectiveness of each one, as a reference for RAT evasion and AV-versus-evasion work.