ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

UAC bypass by abusing RPC and debug objects.

mXtract - Memory Extractor & Analyzer

Venom is a library that meant to perform evasive communication using stolen browser socket

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

Remote Shellcode Injector

Collection of random RedTeam scripts.

「💀」Proof of concept on BYOVD attack

Small PoC of using a Microsoft signed executable as a lolbin.

PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)

A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only.

C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked

A Bumblebee-inspired Crypter