v4nyl's repositories
Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
blacklotus
An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
BlackLotus-leak
BlackLotus UEFI Windows Bootkit
Blog-Lab
Source files for my posts
bootdoor-1
An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
ClipboardHistoryThief
POC tool to extract all persistent clipboard history data from clipboard service process memory
CVE-2022-37969
Windows LPE exploit for CVE-2022-37969
dcomhijack
Lateral Movement Using DCOM and DLL Hijacking
DropSpawn_BOF
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
EntropyReducer
Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists
Forensia
Anti-Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post-Exploitation Phase.
GeoWordlists
GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.
GodPotato_CLR
A Custom CLR Assembly for MSSQL of the popular tool GodPotato
HiddenDesktop
HVNC for Cobalt Strike
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Kraken
Kraken, a modular multi-language webshell coded by @secu_x11
MagicSigner
Signtool for expired certificates
Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
OffensivePipeline
OffensivePipeline allows you to download, compile (without Visual Studio), and obfuscate C# tools for Red Team exercises.
rogue
A barebones template of 'rogue' aka a simple recon and agent deployment I built to communicate over ICMP. Well, without the ICMP code.
serviceDetector
Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
sleepmask_ekko_cfg
Code snippets to add on top of the Cobalt Strike sleep mask kit so that Ekko can work in a CFG-protected process
titanldr-ng
A newer iteration of TitanLdr with newer hooks and design. A generic user-defined reflective DLL I built to prove a point to Mudge years ago.
Winsocky
Winsocket for Cobalt Strike.
WMIExec
A set of Python scripts that perform different ways of command execution via the WMI protocol.