xkroot's repositories
ac
kernel mode anti cheat
ApexLdr
ApexLdr is a DLL Payload Loader written in C
APT-Attack-Simulation
A APT Attack Simulation for APT 29 & Lockbit
AutoMonitor
windows自动监控截图工具。 windows automatic screenshoter.
Banshee
Experimental Windows x64 Kernel Rootkit.
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
BinarySpy
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
bof-launcher
Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
DNS-Tunnel-Keylogger
Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.
DojoLoader
Generic PE loader for fast prototyping evasion techniques
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
ImmoralFiber
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
obfus.h
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
obj2shellcode
shellcode生成框架
OdinLdr
Cobaltstrike UDRL with memory evasion
Prince-Ransomware
Go ransomware utilising ChaCha20 and ECIES encryption.
Rafel-Rat
-------> RAFEL<------ Android Rat Written in Java With WebPanel For Controlling Victims...Hack Android Devices
Stardust
A modern 64-bit position independent implant template
TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
unKover
PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
xeno-rat
Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!
xz-vulnerable-honeypot
An ssh honeypot with the XZ backdoor. CVE-2024-3094
xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
xzre
XZ backdoor reverse engineering