Stars
Ridter / Hikari
Forked from stonedio/Arkari
Yet another LLVM-based obfuscator based on goron.
Identifying and Disrupting Crypto-Ransomware (and Destructive Malware) using handle heuristics
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Simulate the behavior of AV/EDR for malware development training.
TeamServer and Client of Exploration Command and Control Framework
A tool to extract a KeePass master password from memory
PowerShell function to pull the local admin passwords from LDAP, stored there by LAPS.
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
Some scripts to abuse Kerberos using PowerShell
Print Spooler Named Pipe Impersonation for Cobalt Strike
Grab unsaved Notepad contents with a Beacon Object File
EndpointSearch is a scanner that probes cloud service endpoints. Endpoint Search is a sophisticated reconnaissance utility designed to discreetly identify and enumerate endpoints within cloud services.
Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
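For the permanent AV-evasion loader, see the other project: https://github.com/snnxyss/new_in_swor. A simple AV-evasion tool for internal network penetration testing. Currently evades detection for fscan, mimikatz, frp, elevationstation, bypassuac, and one-click killAV. Please use In-Swor (x64 version). If 360 flags it as qvm20, replace the exe icon resource.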