Hannn's Projects
A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
A better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs.
A repository filled with ideas to break/detect direct syscall techniques
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
Easy Anti PatchGuard
Halo's Gate-based NTAPI Unhooker
JALSI - Just Another Lame Shellcode Injector
Windows PDB parser for kernel-mode environment.
This is a port of AMSI.fail. I modified the code to make it C# 5 compatible, and it can be executed on Windows 10 without installing any extra requirements. AMSI.fail itself generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
Nice try reading NTDLL from disk, nerd.
Abusing the NVIDIA driver (nvaudio.sys) for physical/virtual memory and control register manipulation.
Hooking Shadow and normal SSDT with Kaspersky Hypervisor and abusing alignment
Web project (testing)
Reverse TCP PowerShell has never been this paranoid (basically an OPSEC-safe reverse PowerShell).
Some random shits for random things
My implementation of Halo's Gate technique in C#
An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
C# Based Universal API Unhooker
Your NTDLL vaccine from modern direct syscall methods.
One gate to all syscalls!
Extracting Syscall Stub, Modernized
Recursive and arbitrary code execution at kernel level without creating a system thread