Les tutos de Processus
- Reims, France
- https://processus.site
- @ProcessusT
- in/christopher-thiefin
HavocHub Public
PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are relayed through Issues and Comments for maximum stealth.
Dictofuscation Public
Obfuscate the bytes of your payload with an association dictionary
Venoma Public
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
aspyco Public
Aspyco is a Python script that uploads a local binary to a remote host over SMB, then connects to the svcctl named pipe over DCERPC to create and start the binary as a service.
LoadThatPE Public
A simple PE loader tool that loads a PE from memory, decrypts it, resolves its imports, relocates its sections, and redefines its entry point to execute seamlessly from memory
MasterKeyBrute Public
Brute-force a DPAPI-encrypted MasterKey file from Windows Credential Manager
Another example of Azure AD Authentication Passthrough exploitation to intercept LogonUserW API calls
NetExec Public
Forked from Pennyw0rth/NetExec. The Network Execution Tool
Python · BSD 2-Clause "Simplified" License · Updated Oct 16, 2024
Automated-C2 Public
Automate your C2 creation with Azure Frontdoor and randomly generated options
RemClip Public
RemClip is a C# project that steals user clipboard data and sends it to a remote web server under attacker control
HEKATOMB Public
Hekatomb is a Python script that connects to the LDAP directory to retrieve all computer and user information. Then it downloads all DPAPI blobs of all users from all computers and uses Domain ba…
RedTeaming-Tactics-and-Techniques Public
Forked from mantvydasb/RedTeaming-Tactics-and-Techniques. Red Teaming Tactics and Techniques
SharpVenoma Public
CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
MikNet Public
Autonomous red team implementation allowing sound capture and broadcast through an untraceable front-end server to the attacker's station
blackarch Public
Forked from BlackArch/blackarch. An ArchLinux-based distribution for penetration testers and security researchers.
Shell · Other · Updated Feb 11, 2024
PsNotifRoutineUnloader Public
This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCreateThreadNotifyRoutine from ESET Security to bypass the dri…
UnhookingDLL Public
This script is used to bypass DLL hooking using a freshly mapped copy of the ntdll file, patch ETW and trigger a shellcode with process hollowing
DetectEsetHooks Public
Tool to enumerate ESET hooked functions by parsing the ebehmoni.dll module
IndirectSyscalls Public
A custom reimplementation of indirect syscalls without the use of GetModuleHandleA and GetProcAddress
EnumSSN Public
Enumerate SSNs (System Service Numbers, or syscall IDs) and the syscall instruction address in the ntdll module by parsing the PEB of the current process
La-Gamelle Public
All the stuff used in the Tutos: the shellcodes, the templates, the notes...
invit-bomber Public
Python script for sending LinkedIn invitations in bulk
ESEDHOUND Public
ESEDHOUND is a Python script that extracts the datatable from the ntds.dit file to retrieve users, computers and groups. The goal is to send all the information into BloodHound to help incident responders for…
libesedb Public
Forked from libyal/libesedb. Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
Killer Public
Forked from 0xHossam/Killer. A tool created to evade AVs, EDRs or other security tools.
CodeCaveInjection Public
Test of shellcode injection into a 64-bit PE file