
Hi 👋, I'm Usman Sikander (a.k.a. Offensive-Panda)

An infosec guy who's constantly seeking knowledge. Do purple 💜, but more in love with Red ❤️.


Connect with me:

usmansikander13 usman-sikander13

Languages and Tools:

bash c cplusplus csharp css3 html5 nginx python


Usman Sikander's Projects

aes_shellcode_encryptor

This repository contains a tool that can encrypt all types of files and output the result as encrypted shellcode. Encrypting shellcode is very important in injection processes for bypassing signature-based detection by security controls.

badpowershell

This repository contains PowerShell scripts. One script converts any EXE file into hexadecimal format, and the other executes the converted hex. The converted hex is uploaded to a server, from which you can retrieve the hex, create the EXE and execute it. This technique helps bypass network-level security controls.

c2-tool-collection

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

c2_elevated_shell_dll_hijcking

DLL hijacking and mock directories technique to bypass the Windows UAC security feature and get a high-privileged reverse shell. Security researchers identified this technique, which uses a simplified process of DLL hijacking and mock folders to bypass UAC control. I tested this on Windows 10, 11 and bypassed the Windows 10 UAC security feature.

certsync

Dump NTDS with golden certificates and UnPAC the hash

chrome-password-stealer

I have created a Python-based exploit which gets usernames, passwords and URLs from Google Chrome.

conti-ransomware

Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentionally introduced by the leaker to prevent the locker from being built. The Queue header file which implements a few linked list data structures that Conti uses for task scheduling in the Threadpool had several missi

cronos-rootkit

Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, and to protect and elevate them with token manipulation.

d3mpsec

"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.

defenseevasiontechniques

Defense Evasion Techniques Repository. This repository contains a collection of techniques designed to bypass Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) systems.

dllirant

DLLirant is a tool to automate DLL hijacking research on a specified binary.

docplz

Documents Exfiltration project for fun and educational purposes

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

dv_new

This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)

giuda

Ask for a TGS on behalf of another user without a password

impulsivedllhijack

A C#-based tool which automates the process of discovering and exploiting DLL hijacks in target binaries. The hijacked paths discovered can later be weaponized during Red Team operations to evade EDRs.

malwareanalysis

Welcome to the Malware Analysis Toolkit repository, your comprehensive resource for dissecting and understanding the intricate world of malware. This repository is dedicated to providing in-depth technical analysis of various malware strains, equipping security professionals, researchers, and enthusiasts with the knowledge

mortar

Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

noriben

Noriben - Portable, Simple, Malware Analysis Sandbox
