HadesW
Follow
Stars
复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》
Universal kernelmode DLL injector which is currently working for all games. Uses shared memory buffer for communication between kernelmode and usermode, has antipaste, good luck.
This is a repo of my previous BEKernelDriver but updated to add better protections and a more detailed setup. also with a good bit of code cleanup.
SharpDecryptPwd source, To Decrypt Navicat,Xmanager,Filezilla,Foxmail,WinSCP,etc
浏览器检测 - Useragent分析/浏览器识别/浏览器判断/UA解析/用户代理信息/Useragent analysis tool/Browser detection
基于C++开发的网络传输库,使用该传输库可以直接按包发送字节流,按包接收字节流,无需关心传输协议,支持TCP和UDP(可靠UDP)
Shows an example of how to implement VT-d/AMD-Vi on Windows
Collection of beacon BOF written to learn windows and cobaltstrike
Driver that communicates using a thread and a shared section with Usermode
ZTM (Zero Trust Mesh) is a privacy-first open-source decentralized network software based on HTTP/2 tunnels. Experience boundless connectivity and mesh the globe!
Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No test signing mode is required.
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
This is my BE / EAC / VGK DSE Exploit that is used in my Driver Mapper for Valorant & FaceIT (But also works on BE/EAC)
Load vulnerable drivers using iqvw64e.sys hijack
Allows for same-file KernelMode function execution using Encrypted addresses of Functions
Fumo Loader - All in one kernel-based DLL injector
Extract and execute a PE embedded within a PNG file using an LNK file.
Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
A simple open source c++ kernel injector i made for project nova.
This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumping using Bytes.