A little tool to play with Windows security

Defeating Windows User Account Control

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Simple (relatively) things allowing you to dig a bit deeper than usual.

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

generate CobaltStrike's cross-platform payload

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

Situational Awareness commands implemented using Beacon Object Files

Windows NT Syscall tables

助力每一位RT队员，快速生成免杀木马

内网域渗透小工具

在Windows环境下的进程注入方法：远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入

Windows Elevation(持续更新)

Execute unmanaged Windows executables in CobaltStrike Beacons

Syscall免杀

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

Simulate the behavior of AV/EDR for malware development training.

Some demos to bypass EDRs or AVs by 78itsT3@m

一款dump hash工具配合后渗透的利用

添加计划任务方法集合

远程创建任务计划工具

关于RPC一些绕EDR的tips

beta

Seven different DLL injection techniques in one single project.

Various methods of executing shellcode

Beacon compiled using clang