tigr0w Goto Github PK

hackndo_lsassy

Extract credentials from lsass remotely

hakonharnes_emcc-obf

Modified Emscripten compiler with LLVM-level obfuscation

hardenedvault_bootkit-samples

Bootkit sample for firmware attack

hardenedvault_vaultboot

Security payload for next-Gen firmware architecture

helixo32_nimblackout

Kill AV/EDR leveraging BYOVD attack

https_csharp_server

Implementing a Multithreaded HTTP/HTTPS Debugging Proxy Server in C# xref. `https://www.codeproject.com/Articles/93301/Implementing-a-Multithreaded-HTTP-HTTPS-Debugging`

huaigu4ng_syswhispers3winhttp

SysWhispers3WinHttp 基于SysWhispers3项目增添WinHttp分离加载功能，可免杀绕过360核晶与Defender。

huntandhackett_process-cloning

The Definitive Guide To Process Cloning on Windows

hypnoze57_sharphound4cobalt

C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)

iansus_dllproxy

icyguider_shhhloader

Syscall Shellcode Loader (Work in Progress)

idov31_idov31.github.io

idov31_jormungandr

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

idov31_nidhogg

Nidhogg is an all-in-one simple to use rootkit for red teams.

idov31_venom

Venom is a library that meant to perform evasive communication using stolen browser socket

infosecb_loobins

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes.

invoke-dllclone

Koppeling x Metatwin x LazySign

iomoath_redwardenlite

A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.

itm4n_pplmedic

Dump the memory of any PPL with a Userland exploit chain

javascript-obfuscator

A powerful obfuscator for JavaScript and Node.js

jm33-m0_emp3r0r

Linux/Windows post-exploitation framework made by linux user

joeavanzato_trawler

PowerShell script to help Incident Responders discover adversary persistence mechanisms.

jonathansalwan_ropgadget

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, and RISC-V Compressed architectures.

justcallmekoko_esp32marauder

A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32

klezvirus_syswhispers3

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

knight0x07_poc-malware-ttps

PoC-Malware-TTPs

kpcyrd_sh4d0wup

Signing-key abuse and update exploitation framework

kraken-ng_kraken

Kraken, a modular multi-language webshell coded by @secu_x11

kubescape

kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)

kudaes_bin-finder

Detect EDR's exceptions by inspecting processes' loaded modules