Stars
Generate a PDB file given the old PDB file and an address mapping
A C/C++ library and command-line tools for diff & patch between binary files or directories (folders); cross-platform; runs fast; creates small delta/differential; supports large files and limit memory…
A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and reflection techniques for code injection. This PoC showcases…
Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process
Reaping treasures from strings in remote processes memory
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
Driver loader for bypassing Windows x64 Driver Signature Enforcement
PoC for the Untrusted Pointer Dereference in the ks.sys driver
Beacon Object File (BOF) implementation of CVE-2024-35250.
Patch termsrv.dll so that multiple remote users can open an RDP session on a non-Windows Server computer
COM ViewLogger — new malware keylogging technique
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
tiny, portable SOCKS5 server with very moderate resource usage
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Smart contract audit skills roadmap for beginners, auditors, engineers, etc.
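Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machines
An online AV-evasion platform built on the gin framework as a practice project in 2020; supports back-end administration, invitation-code registration, etc.
Jar Analyzer - a JAR analysis tool: batch analysis, SCA vulnerability analysis, method call relationship search, string search, Spring component analysis, information leak checks, CFG program analysis, JVM stack frame analysis, advanced expression search, bytecode instruction-level dynamic debugging, one-click export of decompiled JARs, one-click extraction of malicious code from serialized data, one-click analysis of BCEL bytecode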