Welcome to Hacker House open-source releases. All files released by Hacker House are available under a software is licensed under Apache 2.0 + Commons Clause license unless otherwise explicitly stated. These repositories provide educational content for ethical hacking and cyber security practioners. Use in ANY criminal activity is strictly prohibited and against the terms of the software license agreement. A table is provided here to help navigate.
| URL | Repository Name | Description |
|---|---|---|
| backdoors | backdoors | Tools for maintaining access to systems and proof-of-concept demonstrations. |
| exploits | exploits | exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House |
| shellcode | shellcode | shellcode are codes designed to be injected into the memory space of another process during exploitation. |
| tools | tools | A collection of tools created for computer security research purposes. |
| documents | documents | Papers, presentations and documents from the team at Hacker House. |
| OffensiveLua | OffensiveLua | Offensive Lua. A project to create Lua hacking scripts for Windows platforms. |
| telnetclientpoc | telnetclientpoc | Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit |
| AESCrypt | AESCrypt | AES-256 Microsoft Cryptography API Example. |
| SignToolEx | SignToolEx | Hack "signtool.exe" to use expired certificates for code-signing |
| SetupHijack | SetupHijack | SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes. |
| Marble | Marble Framework | Marble Framework allows for flexible and easy-to-use obfuscation when developing tools, fixed source from Wikileaks |
| WMIProcessWatcher | WMI Process Watcher | A CIA tradecraft technique to asynchronously detect when a process is created using WMI. |
| Artillery | Artillery | A CIA technique for UAC bypass which utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator for persistence. |
| Stinger | Stinger | A CIA technique for UAC bypass that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as administrator. 20% cooler |
| iscsicpl_bypassUAC | iscsicpl_bypassUAC | UAC bypass for x64 Windows 7 - 11 |
| CompMgmtLauncher_DLL_UACBypass | CompMgmtLauncher_DLL_UACBypass | CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive |
| Gigabyte_ElevatePersist | Gigabyte_ElevatePersist | Giga-byte Control Center (GCC) Elevation & Persist |
| cve-2021-34527 | cve-2021-34527 | CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation |
| MsSettingsDelegateExecute | MsSettingsDelegateExecute | Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key. |
| NoFaxGiven | NoFaxGiven | Code Execution & Persistence in NETWORK SERVICE FAX Service |
| hfioquake3_DoS | hfioquake3_DoS | ioquake3 engine is vulnerable to a remotely exploitable off-by-one overflow |
| envschtasksuacbypass | envschtasksuacbypass | Bypass UAC elevation on Windows 8 (build 9600) & above. |
| ColorDataProxyUACBypass | ColorDataProxyUACBypass | Exploits undocumented elevated COM interface ICMLuaUtil to trigger UAC bypass. Win 7 & up. |
| cve-2018-10933 | cve-2018-10933 | cve-2018-10933 libssh authentication bypass |
| electionhacking | electionhacking | Diebold Accuvote-TSx Election Machine Hacking |
| rebirth | rebirth | rebirth IOS11 - 11.3.1 jailbreak security research utility |
| pyongyang_2407 | pyongyang_2407 | Pyongyang 2407 - Android ROM from North Korea, hardware and booting instructions. |
| MoneroMiner | MoneroMiner | A high-performance Monero (XMR) mining implementation in C++ using the RandomX algorithm. |