Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info
Elastic Security detection content for Endpoint
Usermode driver mapper that forcefully loads any signed kernel driver (legitimate cert) with a big enough section (for example .data or .rdata) to map your driver over. The main focus of this project is to p…
PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
A small NtCreateUserProcess PoC that spawns a Command prompt.
Please no pull requests for this repository. Thanks!
Docs and resources on CPU Speculative Execution bugs
Kernel mode WinDbg extension and PoCs for token privilege investigation.
A pattern for reasonably secure Electron applications
Win32 and Kernel abusing techniques for pentesters
🖥️ P2P Remote Desktop - Portable, No Configuration or Installation Needed.
Simple Theorem Prover, an efficient SMT solver for bitvectors
Syscall Shellcode Loader (Work in Progress)
Nidhogg is an all-in-one, simple-to-use Windows kernel rootkit.
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
A User Impersonation tool - via Token or Shellcode injection