abdulkadir-gungor,Abdulkadir Güngör,github

block_smartscreen_and_security_center_on_windows_operating_systems

Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems

Information stored in applications is decrypted using DPAPI. In this way, attacker passwords may be captured. For use in attack scenarios, two applications written in Python language have been developed that steal the information stored in internet browsers: 1-Browser Stealer, 2-Browser Stealer Report

file_research_library

"File Research Library" <Language:English>It helps you examine document type files.</Language:English><Language:Turkish>Doküman türü dosyaları incelemenize yardımcı olur.</Language:Turkish>

ghost

"Ghost (RAT)" -> Reverse shell and management console for Windows

gngr_local_keylogger_for_windows

(On 06/04/2021) Local Keylogger software has been made for the latest up-to-date "Windows 7, 8 and 10" operatings systems. It managed to circumvent the "Windows Defender" program.

gngr_network_tools

It is a tool for Windows operating systems that offer features such as "Show interface, Port scanner, network scanner, tracing route to ip, show registered wi-fi(s) and password"

gngr_proxy_harvester

It checks the free proxy addresses it collects from websites and saves the working proxy addresses to the file.

gngr_remote_keylogger

(On 09/04/2021) Remote Keylogger software has been made for the latest up-to-date "Windows 7, 8 and 10" operatings systems. It managed to circumvent the "Windows Defender" program.

gngr_requests

Allows creating and tracking http and https protocol calls. It also supports Proxy.

htmlsmuggling

HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF

jpgtomalware

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.

linux_binary_for_malware_analysis

"Linux Binary For Malware Analysis" eğitim amacıyla oluşturulmuştur.

process_monitoring_tools

It is a program written in Python3 in order to facilitate process analysis and to easily access Windows process tools. In this way, it facilitates malware analysis processes. In addition, processes running in the background can be detected. After the program is started, it continues to run in the background. Afterwards, the tools can be accessed on the system tray.

pssw100avb

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

python_smtp

Sending email with python via smtp protocol

scapy_library_for_wifi

"Scapy Library For Wifi" (Eğitim amacıyla) Scapy Kütüphanesindeki fonksiyonları kullanan WiFi bağlantısına yönelik betik kodlardır. Kullanılmak amacıyla kendi kütüphane fonksiyonları oluşturulmuştur. Kali linux işletim sisteminde kullanılmak için geliştirilmiştir.

shodan_search

Based on the Shodan API, it displays the open ports and security vulnerabilities of the server related to the entered ip or hostname.

simple_malware_analysis_for_documents

"Simple Malware Analysis For Documents"<Language:English>It helps you to analyze in document type files. </Language:English><Language:Turkish>Doküman türü dosyalarda analiz yapmanıza yardımcı olur.</Language:Turkish>

sqlite3

It is a github directory that covers projects such as sqlite3 database usage, operation and recovery of deleted data using Python language.

ziptomalware

It embeds the executable file or payload inside the zip/rar file. It can use two different methods. The first method embeds the executable or payload in the zip/rar file without any action. In this way, it can be triggered and run by documents in the compressed file or in the same folder. The second method encrypts the executable file or payload and it also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime. Both methods do not damage the rar/zip file. It is not detected by users. However, the first method can be detected by the antivirus depending on the code embedded.

abdulkadir-gungor Goto Github PK

Abdulkadir Güngör's Projects

Recommend Projects

Recommend Topics

Recommend Org