Stars
Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
A modular toolkit for building fast, reliable Web applications and libraries with Rust and WASM
Certified Red Team Operator (CRTO) Cheatsheet and Checklist
A Windows kernel driver emulator based on Unicorn, a kernel memory dump and parts of the native environment
A Crystal Palace shared library to resolve & perform syscalls
LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.
Template-Driven AV/EDR Evasion Framework
Disconnected RSAT - A method of running the Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain-joined machines
Crystal Palace library for proxying Nt API calls via the Threadpool
This map lists the essential techniques to bypass anti-virus and EDR
A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solu…
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assignments.
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
Exposing CharmingKitten's malicious activity for IRGC-IO Counterintelligence division (1500)
The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.
RunPE implementation with multiple evasive techniques
Alternative Read and Write primitives using Rtl* functions the unintended way.
Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows Filtering Platform (WFP).