antirookit Goto Github PK

inveigh

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

invoke-obfuscation

PowerShell Obfuscator

iori_loader

UUID shellcode Loader with dynamic indirect syscall implementation, syscall number/instruction get resolved dynamicaly at runtime, and the syscall number/instruction get unhooked using Halosgate technique. Function address get resolved from the PEB by offsets and comparaison by hashes

ivy

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

juicypotatong

Another Windows Local Privilege Escalation from Service Account to System

justc2file

Burp插件，Malleable C2 Profiles生成器；可以通过Burp代理选中请求，生成Cobalt Strike的profile文件(CSprofile)

katana

A next-generation crawling and spidering framework.

kaynldr

KaynLdr is a Reflective Loader written in C/ASM

keefarcereborn

A standalone DLL that exports databases in cleartext once injected in the KeePass process.

keinject

Kernel LdrLoadDll injector

kerberoast

Kerberoast attack -pure python-

kernel-exploits

Kernel Exploits

kernelhub

:palm_tree:Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

kittystager

KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kitten and be able to use the with any shellcode.

koh

The Token Stealer

krbrelay

Framework for Kerberos relaying

krbrelayup

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

lazy_importer

library for importing functions from dlls in a hidden, reverse engineer unfriendly way

ldapnomnom

Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)

ldaprelayscan

Check for LDAP protections regarding the relay of NTLM authentication

ldrloaddll-unhooking

LdrLoadDll Unhooking

learning-resources

Collection of resources to learn pentesting, exploit development, obfuscation & much more.

libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

linux_lpe_io_uring_cve-2021-41073

llvm-msvc

Forked LLVM focused on MSVC Compatibility

llvm-msvc-build

Build llvm-msvc

loadlibrary

Porting Windows Dynamic Link Libraries to Linux

log4shell

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

macos_arm64_shellcode

ARM64 macOS assembly program for null-byte free shellcode

magicnetdefs

Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged processes to access malicious pipes for exploitation