CrimsonEDR CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response (EDR). By leveraging diverse detection methods, it empowers users to...
FullBypass A tool that bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Usage: First, Download the bypass.csproj file into the victim machine (Find...
InflativeLoading Background Converting an exe to shellcode is one of my goals, in this way, some security tools like Mimikatz can be used with more flexibility. Though some tools like Donut already achieved it, I still...
Disable Windows Defender Privilege tokens are permissions given by the system to a process. For example, if a process has a “SeShutdownPrivilege” token, then it has the right to turn off your computer. If your...
Hardening Meter HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust capabilities include thorough checks of various binary exploitation protection mechanisms, including Stack...
Honeyscanner – A vulnerability analyzer for Honeypots Honeyscanner is a vulnerability analyzer for honeypots designed to automatically attack a given honeypot, in order to determine if the honeypot is vulnerable to specific types of...
Frameless BITB A new approach to Browser In The Browser (BITB) without the use of iframes, allows the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for...
SOAPHound SOAPHound is a .NET data collector tool, which collects Active Directory data via the Active Directory Web Services (ADWS) protocol. SOAPHound is an alternative to several open-source security tools that are commonly used...
ADOKit Azure DevOps Services Attack Toolkit – ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool allows the user to...
Cookie-Monster Steal browser cookies for Edge, Chrome, and Firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the Cookies and Login Data...
LOLSpoof LOLSpoof is an interactive shell program that automatically spoofs the command line arguments of the spawned process. Just call your incriminating-looking command line LOLBin (e.g. powershell -w hidden -enc ZwBlAHQALQBwAHIAbwBjAGUA….) and LOLSpoof will...
IOCTLance Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool that enhances its capacity to detect various vulnerability types in Windows Driver...
Docker Remote API Scanner and Exploit This repository contains a Docker Remote API Scanner and Exploit tool designed for educational and research purposes. It enables users to perform security assessments and experiments related to...
Maldev Academy – RemoteTLSCallbackInjection This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls...
AngryOxide AngryOxide was developed as a way to learn Rust, netlink, kernel sockets, and WiFi exploitation all at once. The overall goal of this tool is to provide a single-interface survey capability with advanced...