CVE-2018-6066 using VBA
☆67Oct 24, 2022Updated 3 years ago
Alternatives and similar repositories for Ring0VBA
Users that are interested in Ring0VBA are comparing it to the libraries listed below
Sorting:
- A PoC executing shellcode in Dart☆16Jun 28, 2022Updated 3 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 2 years ago
- ☆18Jan 14, 2026Updated 2 months ago
- RopstenCtf is an easy tool to interact with the ethereum ropsten network for ctf purpose and more.☆16Jul 18, 2022Updated 3 years ago
- A Sigma based detection pipeline☆12Dec 15, 2023Updated 2 years ago
- Automated compromise detection of the world's most popular packages☆16Sep 25, 2023Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆73Nov 4, 2025Updated 4 months ago
- ☆46Jun 21, 2023Updated 2 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Feb 11, 2024Updated 2 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆37Sep 14, 2023Updated 2 years ago
- A boilerplate for developing, testing and deploying smart contracts using Hardhat and Ethers.js☆18Aug 31, 2022Updated 3 years ago
- Partially offline multi-language translator built upon Huggingface transformers.☆16Sep 12, 2022Updated 3 years ago
- ☆64Jan 2, 2024Updated 2 years ago
- ☆16Dec 7, 2025Updated 3 months ago
- A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…☆37Sep 28, 2023Updated 2 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆185Feb 12, 2023Updated 3 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆387Jul 30, 2024Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.☆60Aug 21, 2024Updated last year
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆244Sep 26, 2023Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- R3劫持所有异常☆15Jan 4, 2021Updated 5 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆94Aug 1, 2022Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- ☆10Jan 17, 2022Updated 4 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆30Feb 13, 2026Updated last month
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago