Lateral movement with DCOM DLL hijacking

Yet another PE Viewer

A collection of links related to Linux kernel security and exploitation

Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.

TCP tunneling over HTTP/HTTPS for web application servers

PowerShell Runspace Post Exploitation Toolkit

A lsass dump tool using MiniDumpWriteDump & syscall(NtOpenProcess) technique. only tested on windows 11 with defender enabled:-)

修改的SweetPotato，使之可以用于CobaltStrike v4.0

Modifying SweetPotato to support load shellcode and webshell

关于RPC一些绕EDR的tips

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

C Sharp codes of my blog.

Some binary collect from internet.

Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

Rust for malware Development is a repository for advanced Red Team techniques and offensive malwares & Ransomwares, focused on Rust 🦀

Awesome EDR Bypass Resources For Ethical Hacking

The recursive internet scanner for hackers. 🧡

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

POC of Command and Control over Chess

Complete list of LPE exploits for Windows (starting from 2023)

AV/EDR Lab environment setup references to help in Malware development

DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely

Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already saved SAM and SYSTEM hives.

Slides for COM Hijacking AV/EDR Talk on 38c3

A C DLL that can control powershell