This PoC uses two different techniques for stealing the primary token from all running processes, showing that it is possible to impersonate and use whatever token is present in any process

Owner
lab52.io
Lab52 is the threat intelligence division of S2 Grupo, an international cybersecurity company that offers its services around the world.
Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes

HalosGate Processlist Cobalt Strike BOF Cobalt Strike Beacon Object File (BOF) that uses a custom HalosGate & HellsGate syscaller, written in assembly

Bobby Cooke 42 Dec 3, 2021
Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL's.

Cobalt Strike "Where Am I?" Beacon Object File Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environmen

Bobby Cooke 75 Nov 5, 2021
A simple PoC to demonstrate that it is possible to write Non writable memory and execute Non executable memory on Windows

WindowsPermsPoC A simple PoC to demonstrate that it is possible to write Non writable memory and execute Non executable memory on Windows You can build i

Lorenzo Maffia 55 Nov 25, 2021
Linux x86_64 Process Injection Utility | Manipulate Processes With Customized Payloads (beta)

K55 - Linux x86_64 Process Injection Utility (C++11) About K55 (pronounced: "kay fifty-five") The K55 payload injection tool is used for injecting x86

Josh Schiavone 53 Oct 14, 2021
Two programs to find the LCM of two positive integers.

LCM-finders LCM-finders? LCM-finders is the repo for my LCM finder projects. I made this program in two similar languages. Note: Two languages mean

Chandula Janith 0 Nov 27, 2021
Two mice, two cursors

Mouse multiplexer This is Arduino code that makes it possible to have two mouse cursors when connecting two USB mice to the same machine. It works on

Jacek Fedoryński 8 Nov 26, 2021
A couple of demos showing how to use the Ultra Low Power coprocessor on the ESP32

ESP32 Ultra Low Power (ULP) coprocessor You can watch a video explanation of this code here This repo contains two demo projects: ulp-gpio Shows you ho

atomic14 2 Oct 28, 2021
Mario Kart 7 semi-primary exploit for the Nintendo 3DS.

kartdlphax kartdlphax is a semiprimary exploit for the download play mode of Mario Kart 7. It can be used to run a userland payload in an unmodified

PabloMK7 33 Sep 19, 2021
Arduino-compatible development platform whose primary function is a clock

MakeTime Arduino-compatible development platform whose primary function is a clock Description MakeTime is a clock that uses a ring of 24 RGB LEDs to

null 3 Oct 11, 2021
C++ POC to write additional credentials into LSASS process

LSASS_Injection_CreateProcessWithLogonW C++ POC to write additional credentials into LSASS process Usage: LSASS_Injection_CreateProcessWithLogonW USE

null 2 Nov 15, 2021
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

HOLLOW - Cobalt Strike BOF Authors: Bobby Cooke (@0xBoku) Justin Hamilton (@JTHam0) Octavio Paguaga (@OakTree__) Matt Kingstone (@n00bRage) Beacon Obj

Bobby Cooke 143 Nov 29, 2021
Poc to test my little friend features without any sdk

poc.vic-hack POC to test my little friend "vector" features without any sdk Ultimate goal - being able to write own firmware components without propri

Oleg Lytvynenko 6 Jun 30, 2021
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

Process Ghosting This is my implementation of the technique presented by Gabriel Landau: https://www.elastic.co/blog/process-ghosting-a-new-executable

hasherezade 360 Dec 5, 2021
Node running standalone on PC, with interface - self-containing all dependencies

GMD Node Windows Application It is the GMD Node App for Windows packaged in a simple "one-click" installer containing all necessary dependencies. We a

Geoma COOP 2 Nov 22, 2021
A tool to kill antimalware protected processes

Backstab Kill EDR Protected Processes Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not work

Yasser 595 Dec 4, 2021
Protect your Discord token from malicious grabbers!

Discord Token Protector Protect your Discord token from malicious grabbers! This project is still under development! You might face some instability i

Andro24 62 Nov 27, 2021
Advanced C++ Discord Token Grabber ( FUD )

DTGPlusPlus C++ Discord Token Grabber ( FUD ) Features » High Speed High Execution Rate Using Win32 API Low Size Without Dependence ( Support Win X

null 6 Nov 9, 2021
Stop getting your token grabbed.

DiscordAntiScam Stop getting your token grabbed. The general idea is this is a MiniFilter, which intercepts file operations, and will block programs a

null 3 Nov 16, 2021
Advanced discord token grabber builder with GUI

Token-Grabber-Builder Advanced discord token grabber builder with GUI Screenshot Features Hidden console High execution speed Grab discord tokens Stea

RadonCoding 2 Dec 2, 2021