Stars
Free and Open Source Reverse Engineering Platform powered by rizin
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
Portable Executable reversing tool with a friendly GUI
Automatically exported from code.google.com/p/smhasher
Command Line Interactive and Scriptable Application to access MEGA
Nidhogg is an all-in-one, simple-to-use Windows kernel rootkit.
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
Collection of various malicious functionality to aid in malware development
Alternative Shellcode Execution Via Callbacks
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up-to-date.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Tool to bypass LSA Protection (aka Protected Process Light)
Another Windows Local Privilege Escalation from Service Account to System
Recover the default privilege set of a LOCAL/NETWORK SERVICE account
Enumerating and removing kernel callbacks using signed vulnerable drivers
Remote Command Executor: An OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
Custom Metasploit post module for executing a .NET assembly from a Meterpreter session
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
Samples for the book Windows Kernel Programming, 2nd edition
Weaponizing privileged file write bugs with Windows Problem Reporting
A PowerShell console in C/C++ with all the security features disabled
Local privilege escalation PoC exploit for CVE-2019-16098