update
This commit is contained in:
mgeeky
commit
ed02ce7b19
|
|
@ -49,3 +49,9 @@
|
||||||
[submodule "red-teaming/ElusiveMice"]
|
[submodule "red-teaming/ElusiveMice"]
|
||||||
path = red-teaming/ElusiveMice
|
path = red-teaming/ElusiveMice
|
||||||
url = https://github.com/mgeeky/ElusiveMice
|
url = https://github.com/mgeeky/ElusiveMice
|
||||||
|
[submodule "windows/ThreadStackSpoofer"]
|
||||||
|
path = windows/ThreadStackSpoofer
|
||||||
|
url = https://github.com/mgeeky/ThreadStackSpoofer
|
||||||
|
[submodule "windows/ShellcodeFluctuation"]
|
||||||
|
path = windows/ShellcodeFluctuation
|
||||||
|
url = https://github.com/mgeeky/ShellcodeFluctuation
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,15 @@ The collection is divided further onto following sections:
|
||||||
|
|
||||||
The base of these tools do not contain any customer/client related sensitive information as well as there are no engagement-specific tools developed as PoCs.
|
The base of these tools do not contain any customer/client related sensitive information as well as there are no engagement-specific tools developed as PoCs.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### ☕ Show Support ☕
|
||||||
|
|
||||||
|
This and other projects are outcome of sleepless nights and **plenty of hard work**. If you like what I do and appreciate that I always give back to the community,
|
||||||
|
[Consider buying me a coffee](https://github.com/sponsors/mgeeky) _(or better a beer)_ just to say thank you! 💪
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
```
|
```
|
||||||
Mariusz B. / mgeeky, (@mariuszbit)
|
Mariusz B. / mgeeky, (@mariuszbit)
|
||||||
<mb [at] binary-offensive.com>
|
<mb [at] binary-offensive.com>
|
||||||
|
|
|
||||||
|
|
@ -100,8 +100,12 @@ PS> python3 rdpFileUpload.py -v -f certutil README.md
|
||||||
|
|
||||||
- **`revshell.c`** - Utterly simple reverse-shell, ready to be compiled by `mingw-w64` on Kali. No security features attached, completely not OPSEC-safe.
|
- **`revshell.c`** - Utterly simple reverse-shell, ready to be compiled by `mingw-w64` on Kali. No security features attached, completely not OPSEC-safe.
|
||||||
|
|
||||||
|
- [**`ShellcodeFluctuation`**](https://github.com/mgeeky/ShellcodeFluctuation) - An in-memory evasion technique fluctuating shellcode memory protection between RW & RX and encrypting/decrypting contents.
|
||||||
|
|
||||||
- **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams.
|
- **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams.
|
||||||
|
|
||||||
|
- [**`ThreadStackSpoofer`**](https://github.com/mgeeky/ThreadStackSpoofer) - A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory.
|
||||||
|
|
||||||
- **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts.
|
- **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts.
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 21a7194ca70b5a2133457047350595ee0856a284
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 37490f57f5c458c69aa2cf92dbb7b6f67141ae89
|
||||||
Loading…
Reference in New Issue