Lists (16)
Stars
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
A modern 32/64-bit position independent implant template
Collection of PoC and offensive techniques used by the BlackArrow Red Team
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
Original C Implementation of the Hell's Gate VX Technique
Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Complete list of LPE exploits for Windows (starting from 2023)
Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-dete…
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
Execute unmanaged Windows executables in CobaltStrike Beacons
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass…
Collection of Beacon Object Files (BOF) for Cobalt Strike
HackRF software and captures by everyone and for everyone. Argh matey.
some gadgets about windows process and ready to use :)
First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for various SMM experiments.