Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

A remote control program based on Gh0st: 实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能，优化全部代码及整理排版，修复内存泄漏缺陷，程序运行稳定。项目代码仅限于学习和交流用途。

A tool for getting site cookie from browser

A collection of position independent coding resources

从内存中提取浏览器和Todesk用户凭证

INDI 3rd Party drivers repository

RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++

Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.

Extracting Clear Text Passwords from mstsc.exe using API Hooking.

A cross platform C2/post-exploitation framework.

C++ IPC Library: A high-performance inter-process communication using shared memory on Linux/Windows.

A simple keylogger for Windows, Linux and Mac

强大的敏感信息搜索工具

一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Anti-cheat library for Windows C++

A tool to view and extract the contents of an Windows Installer (.msi) file.

bypass 360,huorong,tencent,defender with Split loading technique and unhooking

🪅 Windows User Space Emulator

🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP po…

Reverse SOCKS5 implementation in Go

快速内存搜索算法，商用级别

Dump cookies and credentials directly from Chrome/Edge process memory

Server/Client SOCKS5 (RFC 1928) in Reverse mode on Windows

Core Submodule of Exploration C2

A collections of methods to sleep on Windows using common and less-so-common techniques

Defund the Police.

Automated DLL Sideloading Tool With EDR Evasion Capabilities

uefi diskless persistence technique + OVMF secureboot bypass

Scan vulnerable drivers on Windows with loldrivers.io