Nidhogg is an all-in-one, simple-to-use rootkit.
Updated Apr 13, 2024 - C++
Lifetime AMSI bypass
Venom is a library meant to perform evasive communication using a stolen browser socket
APT38 Tactic PoC for Stealing 0days from security professionals
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
Windows handle hijacker
Source code of the exploiting Windows API for red teaming series
Exploring in-memory execution of .NET
x64/x86 shellcode injector
A targeted DNS cache poisoner
Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
Detect API Hooks
AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.
It records your screenshots and code, then lets you upload to ASHIRT
NidhoggScript is a tool to generate a "script" file that allows execution of multiple commands for Nidhogg
x86 Trampoline Hook