💭
i wanna be great someday

SaadAhla/README.md

💻 Custom Tool

Would you like me to make a custom tool, evaluate your defenses, or emulate APTs? Contact me on LinkedIn or Telegram.

❤️ Sponsoring

buy me a coffee.

Popular repositories

  1. FilelessPELoader (Public)

    Loading a remote AES-encrypted PE in memory, decrypting it and running it

    C++ · 906 stars · 191 forks

  2. Shellcode-Hide (Public)

    This repo contains: a simple shellcode loader, encoders (base64, custom, UUID, IPv4, MAC), encryptors (AES), and a fileless loader (WinHTTP, socket)

    C++ · 410 stars · 106 forks

  3. TakeMyRDP (Public)

    A keystroke logger targeting Remote Desktop Protocol (RDP) related processes. It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.ex…

    C++ · 383 stars · 63 forks

  4. D1rkLdr (Public)

    Shellcode loader with indirect dynamic syscall implementation, shellcode in MAC format, API resolving from the PEB, syscall call and syscall instruction address resolving at run time

    C++ · 305 stars · 60 forks

  5. UnhookingPatch (Public)

    Bypass EDR hooks by patching the NT API stub, and resolving SSNs and syscall instructions at runtime

    C++ · 300 stars · 51 forks

  6. NTDLLReflection (Public)

    Bypass userland EDR hooks by loading a reflective ntdll in memory from a remote server, based on the Windows ReleaseID, to avoid opening a handle to ntdll, and trigger exported APIs from the export table

    C++ · 293 stars · 44 forks