- Brasil, Bahia
- http://mh4x0f.github.io
- @mh4x0f
Stars
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
A x64 Windows Rootkit using SSDT or Hypervisor hook
An open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
A set of programs for analyzing common vulnerabilities in COM
Tool for interacting with outlook interop during red team engagements
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
HookChain: A new perspective for Bypassing EDR Solutions
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler
DeviceFarmer / stf (forked from openstf/stf): Control and manage Android devices from your browser.
A small x64 library to load DLLs into memory.
A library for patching, replacing and decorating .NET and Mono methods during runtime
Perfect DLL Proxying using forwards with absolute paths.
ZMK Split Battery Status in system tray
Open-source tool for monitoring the peripheral battery of a ZMK split keyboard over BLE on Linux
Visualize keymaps that use advanced features like hold-taps and combos, with automatic parsing
A ZMK module to add battery & BT indicators using an RGB LED (like in Xiao BLEs)
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.
A native, user-mode, multi-process, graphical debugger.
Template-Driven AV/EDR Evasion Framework
indirect syscalls for AV/EDR evasion in Go assembly
Tree of Attacks (TAP) Jailbreaking Implementation