Added ShellcodeFluctuation

Mariusz B. / mgeeky 2021-09-29 12:59:28 +02:00
parent ebd1115c50
commit f85a74deca
3 changed files with 7 additions and 1 deletions

.gitmodules vendored

@ -61,3 +61,6 @@
[submodule "windows/ThreadStackSpoofer"] [submodule "windows/ThreadStackSpoofer"]
path = windows/ThreadStackSpoofer path = windows/ThreadStackSpoofer
url = https://github.com/mgeeky/ThreadStackSpoofer url = https://github.com/mgeeky/ThreadStackSpoofer
[submodule "windows/ShellcodeFluctuation"]
path = windows/ShellcodeFluctuation
url = https://github.com/mgeeky/ShellcodeFluctuation
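Review bot: the new `[submodule "windows/ShellcodeFluctuation"]` entry mirrors the `ThreadStackSpoofer` block above it (path plus https URL, no `branch` key), which is the right shape: with no `branch`, `git submodule update --remote` is not tempted to float the checkout, and the content is fixed solely by the gitlink commit rather than by this URL. Worth keeping in mind that `.gitmodules` itself is not integrity-protected, so a review of a later change to this URL should be as careful as a review of a bump to the pinned commit.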


@ -100,9 +100,11 @@ PS> python3 rdpFileUpload.py -v -f certutil README.md
- **`revshell.c`** - Utterly simple reverse-shell, ready to be compiled by `mingw-w64` on Kali. No security features attached, completely not OPSEC-safe. - **`revshell.c`** - Utterly simple reverse-shell, ready to be compiled by `mingw-w64` on Kali. No security features attached, completely not OPSEC-safe.
- [**`ShellcodeFluctuation`**](https://github.com/mgeeky/ShellcodeFluctuation) - An in-memory evasion technique fluctuating shellcode memory protection between RW & RX and encrypting/decrypting contents.
- **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams. - **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams.
- **`ThreadStackSpoofer`** - A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. - [**`ThreadStackSpoofer`**](https://github.com/mgeeky/ThreadStackSpoofer) - A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory.
- **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts. - **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts.
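Review bot: this hunk also rewrites the `ThreadStackSpoofer` entry into a link to https://github.com/mgeeky/ThreadStackSpoofer, which the commit message "Added ShellcodeFluctuation" does not mention; call it out in the message so the unrelated README change is traceable. While that line is being touched, "This technique allows to bypass thread-based memory examination rules" should read "This technique makes it possible to bypass thread-based memory examination rules". For the new `ShellcodeFluctuation` entry, consider stating that it is a git submodule (like `ThreadStackSpoofer`) so readers know it needs `git submodule update --init` rather than appearing as an empty directory after a plain clone.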

@ -0,0 +1 @@
Subproject commit fe006c65699da7de2278d6b3859e3049086a8594
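Review bot: the gitlink pins `windows/ShellcodeFluctuation` to fe006c65699da7de2278d6b3859e3049086a8594, which is what actually fixes the vendored content (the `.gitmodules` URL is only a fetch hint), so this is the line to scrutinise on every future bump. To make the pin auditable, note the upstream tag or date it corresponds to in the commit message, and keep later updates as deliberate, reviewed gitlink changes rather than wholesale `--remote` refreshes.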