43 open source projects by 3gstudent

Turn a normal PDF file into malicious.Use to steal Net-NTLM Hashes from windows machines.

Learn from Casey Smith @subTee

Use powershell to list the RDP Connections History of logged-in users or all users

C/C++ code examples of my blog.

Remove individual lines from Windows XML Event Log (EVTX) files

Use CLR to inject all the .NET apps

blog

Automatically scan the inner network to detect whether they are vulnerable.

Process Doppelgänging

Use to check the valid account of the Remote Desktop Protocol(Support plaintext and ntlmhash)

Asynchronous Procedure Calls

Use python to perform Kerberos pre-auth bruteforcing

C Sharp codes of my blog.

No inline asm,support x86/x64

Use Waitfor.exe to maintain persistence

Use to browse the share file by eas(Exchange Server ActiveSync)

2 ways of Password Filter DLL to record the plaintext password

just test

source&exe

Use NT Native Registry API to create a registry that normal user can not query.

Search for available domain from expireddomains.net

Powershell to copy ntds.dit

Use powershell to test Office-based persistence methods

Go code examples of my blog.

Small modification version of p0wnedShell

No description, website, or topics provided.

Remove individual lines from Windows Event Viewer Log (EVT) files

Learn from Casey Smith@subTee

Create a hidden account

Penetration test

No description, website, or topics provided.

Powershell to CodeExecution and ProcessInjection

Use subProcessTag Value From TEB to identify Event Log Threads

From Windows SDK

Support x86 and x64

Use to build an anonymous SMB file server.

Execute DLL via the Excel.Application object's RegisterXLL() method

old blog

use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)

Use to generate DLL through Visual Studio

Use to perform Microsoft exchange account brute-force.