GitHub - ianwolf99/EXPLOIT: The repository contains code snippets to aid in exploit development

#checkout pefile python module

#on your python interpreter

import pefile pe = pefile.PE("file.exe") pe.print_info()

#juicy for windows portable executables

important note:under the proofs-of-concept folder you need ti edit the code inorder for it to work on your side

Encryption is one of those things that will defeat antivirus’ static scanning effectively, because the AV engine can’t crack it immediately. Currently, there are a few encryption/encoding types to protect the shellcode: AES256-CBC, RC4, XOR, and Base64. #but runtime detection will catch this babe

Machine learning scanners would take down softwares with dangerous windows API functions eg VirtualAlloc and WriteProcessMemory

https://cplusplus.com/

checkout this article by Microsoft

https://docs.microsoft.com/en-us/windows/win32/SecBP/avoiding-buffer-overruns

https://docs.microsoft.com/en-us/windows/win32/toolhelp/about-tool-help-functions

Encrypt the shellcode and decrypt in memory....use the CBC mode for AES Algorithim....The key and IV should always be Random....No one cryptography rule...key and IV should always be transmitted securely to the decryptor....

Name		Name	Last commit message	Last commit date
Latest commit History 112 Commits
Exploit_Documentation		Exploit_Documentation
Proof-of-Concepts		Proof-of-Concepts
SYSTEMINTERNALS_suite		SYSTEMINTERNALS_suite
AJIRA.txt		AJIRA.txt
Airline_Ticket.cpp		Airline_Ticket.cpp
Alloc_free.js		Alloc_free.js
Allocation.js		Allocation.js
Array.html		Array.html
DOUBLEPULSAR - Payload_Execution_and_Neutralization.rb		DOUBLEPULSAR - Payload_Execution_and_Neutralization.rb
Double_free.c		Double_free.c
Enum_Drivers.cpp		Enum_Drivers.cpp
Enum_process.cpp		Enum_process.cpp
Enum_process_memory.cpp		Enum_process_memory.cpp
Enum_process_modules.cpp		Enum_process_modules.cpp
FLYER SF.pdf		FLYER SF.pdf
Findinst.py		Findinst.py
GW_exploit.py		GW_exploit.py
Groom_test.cpp		Groom_test.cpp
Heab_Bug.cpp		Heab_Bug.cpp
Heab_Bug.exe		Heab_Bug.exe
Heap.c		Heap.c
Heap_Overflow.c		Heap_Overflow.c
Heap_spray.html		Heap_spray.html
Heap_test.cpp		Heap_test.cpp
Immunity_Assembler.py		Immunity_Assembler.py
Linux_shell.asm		Linux_shell.asm
MIKROTIK.txt		MIKROTIK.txt
MS_DUMP.py		MS_DUMP.py
Nmap_scriptd.txt		Nmap_scriptd.txt
Project_Details.txt		Project_Details.txt
RCE-CVE-2020-16875.rb		RCE-CVE-2020-16875.rb
README.md		README.md
Ransomware.py		Ransomware.py
Reverse_shell.asm		Reverse_shell.asm
Router_scanner.py		Router_scanner.py
SAP.py		SAP.py
SAP_executables.txt		SAP_executables.txt
SCADA local exploits on windows 7 platform.txt		SCADA local exploits on windows 7 platform.txt
SEH_chain.py		SEH_chain.py
Seh.c		Seh.c
Shiftech Company Profile Presentation.pdf		Shiftech Company Profile Presentation.pdf
Spray_Heap.html		Spray_Heap.html
Truncation_Error.c		Truncation_Error.c
UAF.c		UAF.c
Until_IE7.html		Until_IE7.html
VanilaEIP.html		VanilaEIP.html
Windows_drivers.txt		Windows_drivers.txt
attack.js		attack.js
businesslogic.rar		businesslogic.rar
ca-bundle.txt		ca-bundle.txt
cace.txt		cace.txt
cmd_exe.asm		cmd_exe.asm
cookie.js		cookie.js
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc		fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc
fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc.txt		fY7uwKnhRE2PT3P6pbroJ0S1xwLh2MZbjFXGsYT4Tpc.txt
ftp_fuzzer.py		ftp_fuzzer.py
fuck_heap.c		fuck_heap.c
hsts.py		hsts.py
info.txt		info.txt
int_overflow.c		int_overflow.c
integer_overflow.c		integer_overflow.c
models.py.py		models.py.py
net.txt		net.txt
overflow.c		overflow.c
pdf24_converted (4).pdf		pdf24_converted (4).pdf
port_forwad.py		port_forwad.py
powershell_attack.txt		powershell_attack.txt
powerup.ps1		powerup.ps1
print_badchars.py		print_badchars.py
private-key.txt		private-key.txt
python_fuzzer.py		python_fuzzer.py
ret_eip.c		ret_eip.c
router_admin.py		router_admin.py
sapwn-disarmed.py		sapwn-disarmed.py
signed_certificates.txt		signed_certificates.txt
smash_test.cpp		smash_test.cpp
smash_test.txt		smash_test.txt
squidcert.conf		squidcert.conf
stack.c		stack.c
trainbot.py		trainbot.py
unlink-security.c		unlink-security.c
unsafe_unlinkExploit.c		unsafe_unlinkExploit.c
vulnerable.c		vulnerable.c
vulnserver_fuzz.py		vulnserver_fuzz.py
windbg_heap.txt		windbg_heap.txt
windows_bind.asm		windows_bind.asm

ianwolf99/EXPLOIT

Folders and files

Latest commit

History