woxihuannisja's repositories
vmp3-import-fix
Fix VMProtect3 IAT
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
0xUBypass
AntiAV shellcode loader
Amsi_Bypass_In_2023
Amsi Bypass payload that works on Windows 11
Blackout
kill anti-malware protected processes (BYOVD)
Chaos-Rootkit
x64 ring0 rootkit with process hiding, privilege escalation, and capabilities for protecting and unprotecting processes
D1rkSleep
Improved version of EKKO by @5pider that Encrypts only Image Sections
Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
ebpf_shell
ebpf WebShell/kernel trojan, a new type of kernel trojan/WebShell technique
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
how2heap
A repository for learning various heap exploitation techniques.
inject_memory_assembly
inject .net assembly to process
KernelSU
A Kernel based root solution for Android
llvm-msvc-windows-driver-template
Windows kernel driver template for cmkr and llvm-msvc.
Medusa
Radical Windows ARK
pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo apk and of its dynamically delivered dex
pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
SGK_Sites_and_Bots
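Social-engineering database sharing. Free and easy-to-use social-engineering database websites and Telegram social-engineering database bots, for checking whether accounts, passwords, email addresses, phone numbers, ID card numbers and other private data have been leaked.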
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
SKRoot-linuxKernelRoot
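Next-generation SKRoot: challenges every root detection method out there, takes a completely different approach from Magisk, avoids Magisk's weakness of being detected, hides root functionality perfectly, never needs to pause SELinux at any point, achieving true 0% contact with SELinux. Highly general, works on all kernels, needs no kernel source, patches the kernel directly, supports direct JNI calls from Android apps; stable, smooth, no crashes.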
wmiexec-Pro
New generation of wmiexec.py
xll_malware
A simple xll malware that executes an exe and loads an xlsx file