Mark Of The Web bypass

Found a Mark of the Web bypass in WinRAR, reported it and got it fixed, so I try to give a bit of background and why bypassing Mark of the Web is now more important than ever to get your MS Office macros to execute, and ways to bypass it.

wifi hacking

Detailed writeup about Wi-Fi hacking for skiddies, using WPS attacks both offline with pixiewps and online bruteforcing, as well as WPA/WPA2 offline cracking of a captured 4-way handshake, and the last and best method, bruteforcing of a captured PMKID.

Follina and dogwalk

Tracked as CVE-2022-30190, Follina, while being actively exploited in the wild, finally gets an official Microsoft patch; DogWalk, on the other hand, another MSDT vuln with no CVE assigned to it, is still unpatched.

My projects

These are some of my red teaming tools and projects. Sometimes I need tools I don't find, or the popular tools are easily detected by AVs, so the obvious solution is to make my own. Enjoy the public ones and feel free to contribute; the private ones, well ... maybe you like the idea and you can make a similar tool. Feel free to reach out to me if you have something to add, correct me on, or help me with, or some question or something you need help with; I'd be happy to do so.

Covenant Tasks addition

Quick and dirty way to add new tasks to Covenant, which I used to update Rubeus and which enables me to have different versions of Rubeus in Covenant at the same time and execute depending on the implant .NET version.

C2 framework

ASP.NET Core 3.1 C2 framework with a MySQL database hosted locally while changing the internet-facing address to make for harder detection and blacklisting or flagging of the public IP address.

network scanner

I needed a CLI network scanner, no GUI, something like nmap but portable in one file that I can drop on other machines and scan from the command line.

Didn't find one, created it.

chrome decryptor

The goal is to decrypt Chrome-based browsers' saved passwords and creds without dropping any additional DLLs to the victim machine (like libsodium, which triggers AVs), so that it can be executed fully in memory.
