Skip to content
/ EXPLOIT Public

The repository contains code snippets to aid in exploit development

2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ianwolf99/EXPLOIT

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

112 Commits
Exploit_Documentation
Exploit_Documentation
 
 
Proof-of-Concepts
Proof-of-Concepts
 
 
SYSTEMINTERNALS_suite
SYSTEMINTERNALS_suite
 
 
AJIRA.txt
AJIRA.txt
 
 
Airline_Ticket.cpp
Airline_Ticket.cpp
 
 
Alloc_free.js
Alloc_free.js
 
 
Allocation.js
Allocation.js
 
 
Array.html
Array.html
 
 
DOUBLEPULSAR - Payload_Execution_and_Neutralization.rb
DOUBLEPULSAR - Payload_Execution_and_Neutralization.rb
 
 
Double_free.c
Double_free.c
 
 
Enum_Drivers.cpp
Enum_Drivers.cpp
 
 
Enum_process.cpp
Enum_process.cpp
 
 
Enum_process_memory.cpp
Enum_process_memory.cpp
 
 
Enum_process_modules.cpp
Enum_process_modules.cpp
 
 
FLYER SF.pdf
FLYER SF.pdf
 
 
Findinst.py
Findinst.py
 
 
GW_exploit.py
GW_exploit.py
 
 
Groom_test.cpp
Groom_test.cpp
 
 
Heab_Bug.cpp
Heab_Bug.cpp
 
 
Heab_Bug.exe
Heab_Bug.exe
 
 
Heap.c
Heap.c
 
 
Heap_Overflow.c
Heap_Overflow.c
 
 
Heap_spray.html
Heap_spray.html
 
 
Heap_test.cpp
Heap_test.cpp
 
 
Immunity_Assembler.py
Immunity_Assembler.py
 
 
Linux_shell.asm
Linux_shell.asm
 
 
MIKROTIK.txt
MIKROTIK.txt
 
 
MS_DUMP.py
MS_DUMP.py
 
 
Nmap_scriptd.txt
Nmap_scriptd.txt
 
 
Project_Details.txt
Project_Details.txt
 
 
RCE-CVE-2020-16875.rb
RCE-CVE-2020-16875.rb
 
 
README.md
README.md
 
 
Ransomware.py
Ransomware.py
 
 
Reverse_shell.asm
Reverse_shell.asm
 
 
Router_scanner.py
Router_scanner.py
 
 
SAP.py
SAP.py
 
 
SAP_executables.txt
SAP_executables.txt
 
 
SCADA local exploits on windows 7 platform.txt
SCADA local exploits on windows 7 platform.txt
 
 
SEH_chain.py
SEH_chain.py
 
 
Seh.c
Seh.c
 
 
Shiftech Company Profile Presentation.pdf
Shiftech Company Profile Presentation.pdf
 
 
Spray_Heap.html
Spray_Heap.html
 
 
Truncation_Error.c
Truncation_Error.c
 
 
UAF.c
UAF.c
 
 
Until_IE7.html
Until_IE7.html
 
 
VanilaEIP.html
VanilaEIP.html
 
 
Windows_drivers.txt
Windows_drivers.txt
 
 
attack.js
attack.js
 
 
businesslogic.rar
businesslogic.rar
 
 
ca-bundle.txt
ca-bundle.txt
 
 
cace.txt
cace.txt
 
 
cmd_exe.asm
cmd_exe.asm
 
 
cookie.js
cookie.js
 
 
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc
 
 
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc.txt
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc.txt
 
 
ftp_fuzzer.py
ftp_fuzzer.py
 
 
fuck_heap.c
fuck_heap.c
 
 
hsts.py
hsts.py
 
 
info.txt
info.txt
 
 
int_overflow.c
int_overflow.c
 
 
integer_overflow.c
integer_overflow.c
 
 
models.py.py
models.py.py
 
 
net.txt
net.txt
 
 
overflow.c
overflow.c
 
 
pdf24_converted (4).pdf
pdf24_converted (4).pdf
 
 
port_forwad.py
port_forwad.py
 
 
powershell_attack.txt
powershell_attack.txt
 
 
powerup.ps1
powerup.ps1
 
 
print_badchars.py
print_badchars.py
 
 
private-key.txt
private-key.txt
 
 
python_fuzzer.py
python_fuzzer.py
 
 
ret_eip.c
ret_eip.c
 
 
router_admin.py
router_admin.py
 
 
sapwn-disarmed.py
sapwn-disarmed.py
 
 
signed_certificates.txt
signed_certificates.txt
 
 
smash_test.cpp
smash_test.cpp
 
 
smash_test.txt
smash_test.txt
 
 
squidcert.conf
squidcert.conf
 
 
stack.c
stack.c
 
 
trainbot.py
trainbot.py
 
 
unlink-security.c
unlink-security.c
 
 
unsafe_unlinkExploit.c
unsafe_unlinkExploit.c
 
 
vulnerable.c
vulnerable.c
 
 
vulnserver_fuzz.py
vulnserver_fuzz.py
 
 
windbg_heap.txt
windbg_heap.txt
 
 
windows_bind.asm
windows_bind.asm
 
 

Repository files navigation

#checkout pefile python module

#on your python interpreter

import pefile pe = pefile.PE("file.exe") pe.print_info()

#juicy for windows portable executables

important note:under the proofs-of-concept folder you need ti edit the code inorder for it to work on your side

Encryption is one of those things that will defeat antivirus’ static scanning effectively, because the AV engine can’t crack it immediately. Currently, there are a few encryption/encoding types to protect the shellcode: AES256-CBC, RC4, XOR, and Base64. #but runtime detection will catch this babe

Machine learning scanners would take down softwares with dangerous windows API functions eg VirtualAlloc and WriteProcessMemory

https://cplusplus.com/

checkout this article by Microsoft

https://docs.microsoft.com/en-us/windows/win32/SecBP/avoiding-buffer-overruns

https://docs.microsoft.com/en-us/windows/win32/toolhelp/about-tool-help-functions

Encrypt the shellcode and decrypt in memory....use the CBC mode for AES Algorithim....The key and IV should always be Random....No one cryptography rule...key and IV should always be transmitted securely to the decryptor....

About

The repository contains code snippets to aid in exploit development

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages