SyscallMeMaybe: Implementation of Indirect Syscall technique to pop an innocent calc.exe
https://github.com/oldboy21/SyscallMeMaybe
SOAPHound: a .NET data collector tool that collects Active Directory data via the Active Directory Web Services (ADWS) protocol.
SOAPHound is able to extract the same information without directly communicating to the LDAP server
https://github.com/FalconForceTeam/SOAPHound
Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE
https://github.com/h4x0r-dz/CVE-2024-23897
Top-GPTs: Run popular GPTs without the need for ChatGPT Plus subscription
https://github.com/Anil-matcha/Top-GPTs
Pwn2Own Automotive 2024 - Day Three Results
https://www.thezdi.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results
SigFinder: Identify binaries with Authenticode digital signatures signed to an internal CA/domain
https://github.com/mlcsec/SigFinder
Thread-Pool-Injection-PoC: Proof of concept code for thread pool based process injection in Windows
https://github.com/Uri3n/Thread-Pool-Injection-PoC
Ultimate-RAT-Collection: samples of old & new malware builders including screenshots
https://github.com/yuankong666/Ultimate-RAT-Collection
ExecIT: DLL shellcode self-injector/runner based on HWSyscalls, designed to be executed with rundll32
https://github.com/florylsk/ExecIT
CsWhispers: Source generator to add D/Invoke and indirect syscall methods to a C# project
https://github.com/rasta-mouse/CsWhispers
Code-generated P/Invoke signatures
https://github.com/ZeroPointSecurity/PInvoke
Write an XLL Dropper in C++, a red team's most used dropper; learn how to work like red teams and APT groups by building your own XLL Dropper
https://github.com/EvilGreys/XLL-DROPPER-
Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current process
https://github.com/ProcessusT/EnumSSN
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/spoofing-802-11-wireless-beacon-management-frames-with-manipulated-power-values-resulting-in-denial-of-service-for-wireless-clients
Trigona Ransomware in 3 Hours
https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours
Automated Multi UAC bypass
for win10|win11|ws2019|ws2022
https://github.com/x0xr00t/Automated-MUlti-UAC-Bypass
Proof-of-concept code for the Android APEX key reuse vulnerability described in https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys
A direct improvement to remote TLS Injection
https://github.com/Uri3n/Advanced-TLS-Injection