CYRIL PINEIRO's Projects
Dynamic unpacker based on PE-sieve
Maquerade any legitimate Windows binary by changing some fields in the PEB structure
Course materials for Modern Binary Exploitation by RPISEC
LD_PRELOAD Rootkit
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Metasploit Cheat Sheet š£
Microsoft Cybersecurity Pro Track: Threat Detection, by EC-Council
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
Codebase to generate an msdt-follina payload
Free and source-available fair-code licensed workflow automation tool. Easily automate tasks across different services.
The Network Execution Tool
A slightly more fun way to disable windows defender. (through the WSC api)
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
NTP Exfiltration Tool
This project is an implant framework designed for long term persistent access to Windows machines.
Cobaltstrike UDRL with memory evasion
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
Okta Verify and Okta FastPass Abuse Tool
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
X86 Mutation Engine with Portable Executable compatibility.
Command & Control-Framework created for collaboration in python3
PowerShell Module to interact with the Shodan service
PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs code dynamic analysis, extracting malware hosting URLs and checking http response.It can also detect if the malware attempts to inject shellcode into memory.
PowerTools is a collection of PowerShell projects with a focus on offensive operations.
This program is designed to demonstrate various process injection techniques