fortra / Reversing-and-Exploiting-with-Free-Tools-Series

Related projects ⓘ

Alternatives and complementary repositories for Reversing-and-Exploiting-with-Free-Tools-Series

• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆61Updated 2 years ago
• hackerhouse-opensource / NoFaxGiven
  Code Execution & Persistence in NETWORK SERVICE FAX Service
  ☆31Updated 2 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆58Updated last year
• yo-yo-yo-jbo / injection_and_hooking_intro
  ☆37Updated last year
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆25Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• dosxuz / PerunsFart
  This is my own implementation of the Perun's Fart technique by Sektor7
  ☆66Updated 2 years ago
• tijme / conferences
  Some of the presentations, workshops, and labs I gave at public conferences.
  ☆29Updated 2 months ago
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆105Updated last year
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆43Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆68Updated last year
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆79Updated 8 months ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆77Updated last year
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆93Updated 5 months ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• rvrsh3ll / DInjector
  Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
  ☆19Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆85Updated 2 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆94Updated last year
• wietze / windows-dll-env-hijacking
  Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
  ☆56Updated 2 years ago
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆51Updated 3 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆62Updated last year
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆51Updated last year
• jsecurity101 / LDAPMon
  ☆44Updated last year
• nick-frischkorn / SysWhispers-FunctionRandomizer
  Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings
  ☆24Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆49Updated last year
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆32Updated last year
• Wh04m1001 / RazerEoP
  ☆24Updated last year
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆81Updated last year