0xKen

HashDump-BypassEDR：https://t.co/oa8qQcuUd1 通过系统白程序 Reg.exe 的拓展应用，巧妙绕过EDR的拦截点，实现绕过EDR从而DumpHash😈 该方法针对Windows系列均有效，操作难度不大，具有实战价值🥳 本项目实战文章：https://t.co/IcjVWYtjBY 源代码和Release已发布，师傅们麻烦点个Star，万分感谢！😍

GitHub - samftggr/VEN0m-Ransomware: Demonstrate how a signed driver can bypass defenses to deploy ransomware on Windows 11 with advanced AV and UAC evasion techniques. · GitHub https://t.co/bMPcb44YVI

The ultimate Red Team toolkit for phishing operations. https://t.co/lxuSxrQOWA

Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream. https://t.co/knpUpf4JMH

Win64PalisadeSecurity: A Modern, Novel Security Tool That Is Lightweight and Modular. It Works In Modules. https://t.co/yoZxQYmFaE

AddUser-SAMR. Create local administrators using the SAMR API, operating at a lower level than net.exe, PowerShell's New-LocalUser or NetUserAdd API https://t.co/0vlfGyxG5x

Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows. https://t.co/Pgiml2PSOA

Atomic BOFs https://t.co/VRDxY5InwN

Been very interested in Async BOFs lately and implemented a few for use with Conquest. The first implements Rubeus monitor as a BOF and notifies when TGTs are collected. The second monitors for clipboard changes and returns them. https://t.co/p7hmjv4kAq https://t.co/Kdo9FG9Fba

Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system https://t.co/UWb8lsdCOW

NousResearch/hermes-agent: The agent that grows with you https://t.co/P8voMrqpMD

CVE-2025-8061: From User-land to Ring 0 https://t.co/rtDaQSi9wd

Fixing Mimikatz sekurlsa::logonpasswords on Windows 11 24H2/25H2 https://t.co/PHUAtIgPe6

Releasing GodPotatoBOF: Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. OPSEC safe alternative to the .NET version. Based on the original GodPotato PoC by BeichenDream. https://t.co/T1Cey2GZ4h