gelven4sec
Follow
Lists (17)
Starred repositories
Manual mapping without creating any threads, with rw only access
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It supports XOR encryption and remote file transmission.
An step by step fuzzing tutorial. A GitHub Security Lab initiative
DLL that hooks the NtQuerySystemInformation API and hides a process name
An implementation of execve() in user space
A tool for loading and executing PE on Windows and ELF on Linux from memory written in Rust
Sandbox implemented in GO with container / ptrace / seccomp
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
Linux Runtime Security and Forensics using eBPF
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
Lateral Movement Using DCOM and DLL Hijacking
This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository…
My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.
RustBoyAdvance-NG is a Nintendo™ Game Boy Advance emulator and debugger, written in the rust programming language.
Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
Dll that can be used for side loading and other attack vector.
Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
A small NtCreateUserProcess PoC that spawns a Command prompt.
The Definitive Guide To Process Cloning on Windows
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
Nameless C2 - A C2 with all its components written in Rust
