miseryyyyy Goto Github PK

amd-ryzen-master-driver-v17-exploit

Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).

amsiscanbuffer

Digging deeper into AmsiScanBuffer internals, and identifying 7 possibles AMSI patching by forcing a conditional jump to a branch that sets the return value of AmsiScanBuffer to E_INVALIDARG and makes the AmsiScanBuffer fails

azureappc2

A script that can be deployed to Azure App for C2 / Proxy / Redirector

bloodhound-custom-queries

Merged Custom Queries from Hausec and Compass Security

bobthesmuggler

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).

burp-upstream-proxy

cheatsheets

This repository contains cheatsheets. In this way, it should be easy to find the right syntax with a simple grep command.

chimera

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

chimera-1

Automated DLL Sideloading Tool With EDR Evasion Capabilities

cissp-study-guide

study material used for the 2018 CISSP exam

csharp-tools

.NET C# Tools

cve-2022-44721-csfalconuninstaller

ddspoof

DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.

dirsync

DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replication-Get-Changes-In-Filtered-Set.

dllirant

DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

domainpasswordspray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

dploot

DPAPI looting remotely in Python

dumpscan

Finding secrets in kernel and user memory

dumpsmbshare

A script to dump files and folders remotely from a Windows SMB share.

esc1-secretsdump

evildork

Evildork targeting your fiancee👁️

evilgophish

evilginx2 + gophish

fast-google-dorks-scan

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.

fixing-random-issues

godpotato

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

hashgrab

generate payloads that force authentication against an attacker machine

inceptor

Template-Driven AV/EDR Evasion Framework

invisibilitycloak

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

irm

Incident Response Methodologies