oops4git Goto Github PK

spartacus

Spartacus DLL Hijacking Discovery Tool

spawn

Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.

spoolsample

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

springboot-scan

针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

springbootadmin-thymeleaf-ssti

SpringBootAdmin-thymeleaf-SSTI which can cause RCE

springinspector

针对于Spring框架的自动Java代码审计工具

sqlrecon

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

srdi

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

srdi-rs

Rusty Shellcode Reflective DLL Injection (sRDI) - A small reflective loader in Rust 4KB in size for generating position-independent code (PIC) in Rust.

sshuttle

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

steganography

Simple C++ Image Steganography tool to encrypt and hide files insde images using Least-Significant-Bit encoding.

supernova

Real fucking shellcode encryption tool.

sweetpotato

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

symprocaddress

Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)

symprocsleuth

A pure C version of SymProcAddress

syscallpack

BOF and Shellcode for full DLL unhooking using dynamic syscalls

sysplant

Your syscall factory

sysreptor

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

systeminformer

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

syswhispers2

AV/EDR evasion via direct system calls.

syswhispers3

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

tamperingsyscalls

tangledwinexec

PoCs and tools for investigation of Windows process execution techniques

tartarusgate

TartarusGate, Bypassing EDRs

terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

thefatrat

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software

threadlessinject

Threadless Process Injection using remote function hooking.

threadstackspoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

threatcheck

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

tinynuke

zeus-style banking trojan