Guard Pages Hooking
C# PoC of Guard Pages hooking. It is a type of API hooking which can be achieved from userland and does not require patching functions.
Ethical hacker | OSCE3 OSCP CRTM CRTL GX-PT
C# program to read, write and delete Extended Attributes (EAs) to “hide” malicious payloads within NTFS filesystems.
C# program to write, read, delete or list Alternate Data Streams (ADS) within NTFS.
Python script to count the exact total number of stars for any GitHub user.
GetModuleHandle implementation in C# using only the NtQueryInformationProcess API call.
GetProcAddress implementation in C# using only the ReadProcessMemory API call.
jeringuilla is a tool for easy process injection. It implements several types of process injection, loads functions dynamically using delegates, and uses AES to encrypt payloads and strings, so the function names are not easily retrievable.
I solved and created writeups for each Apprentice and Practitioner-level PortSwigger lab. In this post you can find the payloads and information about the vulnerability type for each step of the exam.