Highlights
Windows Hack
Load any Beacon Object File using Powershell!
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
Load and execute COFF files and Cobalt Strike BOFs in-memory
Simple C++ DLL Manual Map Injector For x86 and x64
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
Collection of various malicious functionality to aid in malware development
GoRE - Package gore is a library for analyzing Go binaries
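xfrpc is a lightweight FRP client that is fully compatible with frps. It is implemented in C and optimized for resource-constrained systems such as OpenWRT and IoT devices. For devices with limited ROM and RAM, it provides an efficient intranet-penetration solution. xfrpc integrates xDPI (deep packet inspection), which strengthens security, effectively guards against security threats caused by malicious sniffing during intranet penetration, and ensures reliable protection of data transmission and network access. Technical discussion QQ group: 331230369
SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! A general DLL hijacking technique that no longer requires manually exporting the DLL's function interfaces.
Parses some of the programs whose passwords are saved on a Windows system, including: Navicat, TeamViewer, FileZilla, WinSCP, and the Xmanager product series (Xshell, Xftp). Source code: https://github.com/RowTeam/SharpDecryptPwd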
🚀 PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and se…
Alternative Shellcode Execution Via Callbacks
This project is just a dumping ground for random scripts I've developed.
Execute unmanaged Windows executables in CobaltStrike Beacons
A method of bypassing EDR's active projection DLL's by preventing entry point execution
Run an Exe File (PE Module) in memory (like an Application Loader)
Loading a remote AES-encrypted PE in memory, decrypting it and running it
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
Fix DecodePointer, EncodePointer, RegDeleteKeyEx etc. APIs not found in Windows XP RTM.