Projects in Awesome Lists by ProcessusT
A curated list of projects in awesome lists by ProcessusT.
https://github.com/processust/hekatomb
Hekatomb is a Python script that connects to an LDAP directory to retrieve all computer and user information. It then downloads all DPAPI blobs of all users from all computers and uses the domain backup keys to decrypt them.
activedirectory blob dpapi masterkey python secrets windows
Last synced: 07 Apr 2025
https://github.com/processust/etwmonitor
Windows notifier tool that detects suspicious connections by monitoring ETW event logs
Last synced: 12 Apr 2025
https://github.com/processust/unhookingdll
This script is used to bypass DLL hooking using a freshly mapped copy of the ntdll file, patch ETW and trigger a shellcode with process hollowing
bypass dll-unhooking edr etw process-hollowing shellcode
Last synced: 16 Oct 2025
https://github.com/processust/psnotifroutineunloader
This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCreateThreadNotifyRoutine from ESET Security to bypass the driver detection
Last synced: 19 Jul 2025
https://github.com/processust/vulnspy
VULNSPY regularly retrieves the latest alerts published by CERT-FR and the related vulnerabilities with their CVSS scores, and can notify you by email or Discord if a defined threshold is exceeded
cert-fr discord nist notification python3 vulnerabilities
Last synced: 12 Apr 2025
https://github.com/processust/dictofuscation
Obfuscate the bytes of your payload with an association dictionary
Last synced: 10 Jun 2025
https://github.com/ProcessusT/Dictofuscation
Obfuscate the bytes of your payload with an association dictionary
Last synced: 16 May 2025
https://github.com/processust/bypass-av-directsyscalls
Scripts for bypassing Windows Defender antivirus protection using the Direct Syscalls technique, with injection of shellcode previously obfuscated with an XOR function.
Last synced: 28 Oct 2025
https://github.com/processust/enumssn
Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current process
Last synced: 11 Apr 2025
https://github.com/processust/masterkeybrute
Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
blobs credentials decryption dpapi masterkeys microsoft python3 windows
Last synced: 22 Apr 2025
https://github.com/processust/processus-apk
The official Tutos de Processus application
Last synced: 12 Apr 2025
https://github.com/processust/payloaddropper
An undetectable payload dropper that disables the Windows Defender antivirus, then sets up a batch file at the current user's logon to download netcat and initiate a reverse shell connection to a C2 server.
Last synced: 07 Jan 2026
https://github.com/processust/reverse_shell_udp
A simple undetectable reverse shell (1/65 on VirusTotal as of 12/02/2022) written in C# that uses a UDP socket client on port 53 (the DNS port). This script was developed for use on the Rastalabs professional lab on the HackTheBox platform and is not intended for any other use.
Last synced: 12 Apr 2025
https://github.com/processust/la-gamelle
All the stuff used in the Tutos: shellcodes, templates, notes...
Last synced: 12 Apr 2025
https://github.com/ProcessusT/ProcBinder
A simple client-server with connections handled via sockets. The client is written in C and the server in Python. I started this project to strengthen my (very weak) C basics, so please be kind! :)
Last synced: 08 Apr 2025
https://github.com/processust/automated-c2
Automate your C2 creation with Azure Frontdoor and randomly generated options
Last synced: 12 Apr 2025
https://github.com/processust/procbinder
A simple client-server with connections handled via sockets. The client is written in C and the server in Python. I started this project to strengthen my (very weak) C basics, so please be kind! :)
Last synced: 12 Apr 2025
https://github.com/processust/remclip
RemClip is a C# project that steals user clipboard data and sends it to a remote web server under attacker control
clipboard credentials remote stealer
Last synced: 12 Apr 2025
https://github.com/processust/detectesethooks
Tool to enumerate ESET hooked functions by parsing the ebehmoni.dll module
Last synced: 12 Apr 2025
https://github.com/processust/ovh_public_cloud_-_post_installation_script
OVH_Public_Cloud_-_POST_INSTALLATION_SCRIPT
Last synced: 12 Apr 2025
https://github.com/processust/dpapi_reverter
PowerShell packer that decrypts the credentials saved in the Windows Credential Manager using the Mimikatz tool
Last synced: 12 Apr 2025
https://github.com/processust/bypass-av-processhollowing
Scripts for bypassing Windows Defender antivirus protection using the Process Hollowing technique, with injection of shellcode previously obfuscated with an XOR function.
Last synced: 01 Aug 2025
https://github.com/processust/scanner-powershell
PowerShell script to collect basic information from a Windows workstation and receive it by email.
Last synced: 12 Apr 2025
https://github.com/processust/ctf-hacksecureims-2022
The challenges I made for the HackSécuReims 2022 CTF
Last synced: 07 Jan 2026
https://github.com/processust/python-ssh-bruteforcer
Python3 script that scans all public internet addresses and starts a brute-force session if port 22 is open
Last synced: 29 Mar 2025
https://github.com/processust/image-comparer
Image comparison script in Python
Last synced: 05 Sep 2025
https://github.com/processust/invit-bomber
Python script for sending LinkedIn invitations in bulk
Last synced: 29 Mar 2025
https://github.com/processust/codecaveinjection
Test of shellcode injection into a 64-bit PE file
Last synced: 17 Aug 2025
https://github.com/processust/kernel-shell
A simple module that runs a command from the kernel in userland
Last synced: 19 Apr 2025
https://github.com/processust/esedhound
ESEDHOUND is a Python script that extracts the datatable from the ntds.dit file to retrieve users, computers and groups. The goal is to send all the information into BloodHound to help incident responders identify AD objects.
Last synced: 11 Apr 2025
https://github.com/processust/ad-users-enum
Enumerate all users and their SID from LDAP
Last synced: 11 Apr 2025
https://github.com/processust/list_connexions
Lists the latest session logons/logoffs from the Windows Event Viewer
Last synced: 07 Jan 2026
https://github.com/processust/hashdump
A simple executable to retrieve the hashes from the SAM database on Windows
Last synced: 08 Jan 2026
https://github.com/processust/exploitation-buffer-overflow-windows-32-bits-
Last synced: 21 Jan 2026
https://github.com/processust/whistler
A simple C# program that turns the volume of all audio devices up to maximum, emits a beep, then displays a kind message
Last synced: 29 Mar 2025
https://github.com/processust/crowdsec_to_misp
Simple Python script to extract suspicious IPs from Crowdsec sqlite database and inject them into your MISP
Last synced: 03 Jul 2025
https://github.com/processust/procbinder-fullpython
A client-server over sockets written entirely in Python3
Last synced: 30 Aug 2025
https://github.com/processust/macfilterexecution
A simple C script that launches a bash script stored in a LUKS-encrypted partition.
Last synced: 19 Apr 2025
https://github.com/processust/loadthatpe
A simple PE loader tool that loads a PE from memory, decrypts it, resolves its imports, relocates its sections, and redefines its entry point to execute seamlessly from memory
Last synced: 03 Jul 2025
https://github.com/processust/freexegol
Freexegol is a free, open-source, and lifetime alternative to the Exegol project. Designed for the community, Freexegol provides a powerful, unrestricted platform for Docker container management—tailored for penetration testing and red teaming activities.
docker free pentest python redteam wrapper
Last synced: 20 Jun 2025
https://github.com/processust/havochub
PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are relayed through Issues and Comments for maximum stealth.
c2 github havoc havoc-framework python redteam
Last synced: 20 Jun 2025