- TeamT5
- Taiwan
- in/zeze-lin-34633919a
- zeze7w
- @zeze7w
Ring3
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs dynamic code analysis, extracting malware hosting URLs and …
PowerShell script for deobfuscating encoded PowerShell scripts
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
A fork of AFL for fuzzing Windows binaries
EasyHook - The reinvention of Windows API Hooking
OSS-Fuzz - continuous fuzzing for open source software.
Leak of any user's NetNTLM hash. Fixed in KB5040434
A library that provides methods to inline hook binary codes in x86 and x86_64 architecture
not a reverse-engineered version of the Cobalt Strike Beacon
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Crack any Microsoft Windows user's password without any privilege (Guest account included)
PowerBruteLogon (Ported version of WinBruteLogon in pure PowerShell)
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…
Dump cookies and credentials directly from Chrome/Edge process memory
Browser Protector against various stealers, written in C# & C/C++.
A way to delete a locked file, or current running executable, on disk.