vforvasilis's starred repositories

malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Language: Python | License: BSD-2-Clause | Stargazers: 2808 | Issues: 61 | Issues: 9

exe_to_dll

Converts an EXE into a DLL

ntlm_theft

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Language: Python | License: GPL-3.0 | Stargazers: 940 | Issues: 28 | Issues: 3

Shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

DarkWidow

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing

Language: C | License: MIT | Stargazers: 520 | Issues: 11 | Issues: 1

RansomLord

RansomLord is a proof-of-concept Anti-Ransomware exploitation tool that automates the creation of PE files, used to compromise ransomware pre-encryption.

License: MIT | Stargazers: 482 | Issues: 8 | Issues: 0

KRBUACBypass

UAC Bypass By Abusing Kerberos Tickets

GIUDA

Ask a TGS on behalf of another user without password

S4UTomato

Escalate Service Account To LocalSystem via Kerberos

dcomhijack

Lateral Movement Using DCOM and DLL Hijacking

Language: Python | License: MIT | Stargazers: 262 | Issues: 4 | Issues: 1

RemoteShellcodeExec

Execute shellcode from a remote-hosted bin file using Winhttp.

Jormungandr

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

Language: C++ | License: GPL-3.0 | Stargazers: 217 | Issues: 5 | Issues: 0

WSPCoerce

PoC to coerce authentication from Windows hosts using MS-WSP

Language: C# | Stargazers: 217 | Issues: 2 | Issues: 0

SweetDreams

Implementation of Advanced Module Stomping and Heap/Stack Encryption

Language: C++ | License: BSD-3-Clause | Stargazers: 204 | Issues: 2 | Issues: 0

ADFSRelay

Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS

Language: Go | License: Apache-2.0 | Stargazers: 171 | Issues: 3 | Issues: 1

ACCD

Active C&C Detector

Language: Jupyter Notebook | License: GPL-3.0 | Stargazers: 148 | Issues: 4 | Issues: 0

D1rkInject

Another approach to threadless injection (discovered by @_EthicalChaos_), written in C, that loads a module into the target process, stomps it, and then reverts the memory protections and original memory state

Language: C++ | License: MIT | Stargazers: 148 | Issues: 2 | Issues: 0

CodeCave

A bunch of scripts and code I wrote.

Language: C | Stargazers: 129 | Issues: 4 | Issues: 0

restincode

A memorial site for Hackers and Infosec people who have passed

Language: HTML | License: MIT | Stargazers: 118 | Issues: 14 | Issues: 124

wptsextensions.dll

WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.

Language: C++ | Stargazers: 51 | Issues: 2 | Issues: 0

chacha20-c

ChaCha20 stream cipher implemented in C

Language: C | License: Unlicense | Stargazers: 49 | Issues: 3 | Issues: 4

BetterPipename

Example of using Sleep to create better named pipes.

CertifyKit

Active Directory certificate abuse

Language: C# | Stargazers: 29 | Issues: 1 | Issues: 0

chacha20poly1305

Simple ChaCha20Poly1305@Bitcoin C implementation

Language: C# | Stargazers: 19 | Issues: 0 | Issues: 0

PPL

Run a process as PPL Antimalware

Language: C | Stargazers: 10 | Issues: 2 | Issues: 0