VirtualAllocEx (@VirtualAlllocEx)

Founder RedOps | Red Team
RedOps GmbH

811 Followers · 17 Following · 38 Public Repos · 0 Private Repos

Language Breakdown

Lines of code distribution across 15 owned repositories (222K total LOC):

C            141,504 lines   63.7%
HTML          23,649 lines   10.6%
C++           20,349 lines    9.2%
Assembly      12,891 lines    5.8%
PowerShell     5,598 lines    2.5%
Other         18,178 lines    8.2%
I-Shaped Developer

Specialist — deep expertise in C. Languages: C, HTML, C++, Assembly, PowerShell.

Collaboration Network

0 active collaborators · 38 Repos · 0 PRs · Growth +18%

Top Collaborators: no collaborator data yet.

Coding Streak: 6 days

Contribution activity over the past year (based on GitHub activity):

1,504 Contributions · 60 Commits · 0 Pull Requests

Top Repositories

DEFCON-31-Syscalls-Workshop [C] 761 108
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Payload-Download-Cradles [PowerShell] 259 57
These are different types of download cradles, intended as inspiration to play with and create new download cradles to bypass AV/EPP/EDR in the context of download cradle detections.

Create-Thread-Shellcode-Fetcher [C++] 258 51
This POC gives you the possibility to compile a .exe that completely avoids static detection by AV/EPP/EDR of your C2 shellcode, and downloads and executes your C2 shellcode hosted on your (C2) web server.

Direct-Syscalls-vs-Indirect-Syscalls [C] 243 25
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls.

Direct-Syscalls-A-journey-from-high-to-low [C] 147 27
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

HWBP-DEP-Bypass [C] 98 12
Educational proof-of-concept demonstrating DEP/NX bypass using hardware breakpoints, vectored exception handling, and instruction emulation on Windows x64. For security research and learning purposes only.

Taskschedule-Persistence-Download-Cradles [HTML] 89 20
Depending on the AV/EPP/EDR, creating a Task Scheduler job with a default cradle is often flagged.

DSC_SVC_REMOTE [C] 55 11
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.

CS-EDR-Enumeration [C] 47 6
Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from silent in-process BOF to full PowerShell/WMI.

Create_Thread_Inline_Assembly_x86 [C++] 20 9
This POC provides the possibility to execute x86 shellcode in the form of a .bin file based on x86 inline assembly.

Open Source Impact

Contributions to external projects: 0 merged PRs. No external contributions found.