DeathSleep – A PoC Implementation For An Evasion Technique To Terminate The Current Thread And Restore It Before Resuming Execution, While Implementing Page Protection Changes During No Execution

A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution. Intro Sleep and obfuscation methods are well known in the maldev community, with different implementations, they have the objective of hiding from memory scanners while sleeping, usually changing pageRead More

Nim-RunPE – A Nim Implementation Of Reflective PE-Loading From Memory

A Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory – which I ported to Nim. You’ll need to install the following dependencies: nimble install ptr_math winim I did test this with Nim Version 1.6.2 only, so use that version for testing or I cannot guarantee no errorsRead More

Chisel-Strike – A .NET XOR Encrypted Cobalt Strike Aggressor Implementation For Chisel To Utilize Faster Proxy And Advanced Socks5 Capabilities

A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities. Why write this? In my experience I found socks4/socks4a proxies quite slow in comparison to its socks5 counterparts and a lack of implementation of socks5 in most C2 frameworks. There is a C# wrapper around the goRead More

NimHollow – Nim Implementation Of Process Hollowing Using Syscalls (PoC)

Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the OSEP course by @offensive-security. AMSI patching with @rasta-mouse’s method is also inside (uncomment it for your needs). Usage Installation: ~$ git cloneRead More

Certipy – Python Implementation For Active Directory Certificate Abuse

[*] Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the C# variant Certify from @harmj0y and @tifkin_. Installation $ python3 install Remember to add the Python scripts directory to your path. Usage $ certipy -husage: certipy [-h] [-debug] [-target-ip ip address] [-nameserver nameserver]Read More

OpenWifiPass – An Open Source Implementation Of Apple’s Wi-Fi Password Sharing Protocol In Python

An open source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol. Disclaimer OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is untested and incomplete. For example, the code does not verify the identityRead More

Damn-Vulnerable-GraphQL-Application – Damn Vulnerable GraphQL Application Is An Intentionally Vulnerable Implementation Of Facebook’s GraphQL Technology, To Learn And Practice GraphQL Security

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook’s GraphQL technology, to learn and practice GraphQL Security. About DVGA Damn Vulnerable GraphQL is a deliberately weak and insecure implementation of GraphQL that provides a safe environment to attack a GraphQL application, allowing developers and IT professionals to test for vulnerabilities. DVGA has numerousRead More

Diceware-Password-Generator – Python Implementation Of The Diceware Password Generating Algorithm

Please Note – This Program Do Not Store Passwords In Any Form And All The Passwords Are Generated Locally Inside You Device. Diceware is a method used to generate cryptographically strong memorable passphrases. This is a python implementation of the diceware password generating algorithm. Inspired after watching this video. How DPG Generate Passwords? Traditional DicewareRead More

Pypykatz – Mimikatz Implementation In Pure Python

Mimikatz implementation in pure Python. At least a part of it 🙂Runs on all OS’s which support python>=3.6 WIKISince version 0.1.1 the command line changed a little. Worry not, I have an awesome WIKI for you.InstallingInstall it via pip or by cloning it from github.The installer will create a pypykatz executable in the python’s ScriptRead More