pawpatrolryder Goto Github PK

pony

Pony 2.0 Stealer

power-kill

power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes

pplblade

Protected Process Dumper Tool

presentations

processinjection-go

Shellcode encryption in RC4 and process injection into explorer.exe.

pupy-python-rat

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

qakbot-

rc4coder

rc4 directory file

realthinclient-sdk

RealThinClient SDK - Delphi components for building HTTP(S) applications

redelk-c2-

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

redguard

RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.

redwardenlite

A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.

reflectiventdll

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber

reflexxion

RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array.

remoteconnection-manager

delphi

revenant-implant-shellcode

Revenant - A 3rd party agent for Havoc that aims to demonstrate evasion techniques in the context of a C2 framework

runasattached

RunAsAttached is a program to locally run a new terminal as another user without spawning a new console window.

rustdesk

Open source virtual / remote desktop infrastructure for everyone! The open source TeamViewer alternative. Display and control your PC and Android devices from anywhere at anytime.

rustdesk-1

基于rustdesk修改的远程桌面软件，将agent部分分离出来

sandman

Sandman is a NTP based backdoor for red team engagements in hardened networks.

sc4cpp

sc4cpp is a shellcode framework based on C++

scaninfo

fast scan for redtools

sectool

Cybersecurity tool repository / Wiki 收录常用 / 前沿 的CTF和渗透工具以及其 官方/使用 文档，致力于让每个工具都能发挥作用ww，不管你是萌新还是领域从业者希望你都能在这里找到适合你的工具或者获得一定的启发。

serverscan

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

sharpbeacon_cobaltstrike

CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能

sharpgetuserloginiprpc

提取域控日志，支持远程提取

shellcode-factory

shellcode 生成框架

shellcode-hide

This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)

shellcodefluctuation-sleep-project

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

shellcodeloader

shellcodeloader