Skip to content
/ nullsec-win Public

πŸͺŸ Windows security tools in Go, Rust & C | Credential dump, token manipulation, DLL injection, keylogger | Native Win32 API | @anonantics

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bad-antics/nullsec-win

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
c
c
Β 
Β 
go
go
Β 
Β 
rust
rust
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

πŸͺŸ NullSec Win

Fast, native Windows security tools written in Go, Rust, and C

High-performance red team and penetration testing utilities for Windows systems

GitHub Discord

πŸš€ Tools

Go Tools (Fast, Cross-compilable)

Tool Description
creds_dump.go Extract credentials (Credential Manager, WiFi, browsers)
hollow.go Process hollowing for code injection
regpersist.go Registry-based persistence management
token.go Token manipulation and privilege escalation

Rust Tools (Memory-safe, Blazing Fast)

Tool Description
nullsec-crypt File encryptor/ransomware simulator for testing

C Tools (Native Win32 API)

Tool Description
dll_inject.c DLL injection via CreateRemoteThread
keylogger.c Low-level keyboard hook keylogger

πŸ”§ Building

Go (Cross-compile from Linux/Mac)

cd go
GOOS=windows GOARCH=amd64 go build -o nullsec-creds.exe creds_dump.go
GOOS=windows GOARCH=amd64 go build -o nullsec-hollow.exe hollow.go
GOOS=windows GOARCH=amd64 go build -o nullsec-regpersist.exe regpersist.go
GOOS=windows GOARCH=amd64 go build -o nullsec-token.exe token.go

Rust

cd rust
cargo build --release --target x86_64-pc-windows-msvc
# Or cross-compile:
cargo build --release --target x86_64-pc-windows-gnu

C (Cross-compile with MinGW)

cd c
x86_64-w64-mingw32-gcc -o nullsec-inject.exe dll_inject.c
x86_64-w64-mingw32-gcc -o nullsec-keylog.exe keylogger.c -luser32

πŸ“– Usage Examples

Credential Dumper

nullsec-creds.exe -all     # Dump all credentials
nullsec-creds.exe -wifi    # WiFi passwords only
nullsec-creds.exe -browser # Browser credential paths

Token Manipulation

nullsec-token.exe -list       # List processes with users
nullsec-token.exe -priv       # Show current privileges
nullsec-token.exe -getsystem  # Attempt SYSTEM escalation
nullsec-token.exe -steal 1234 # Steal token from PID

Registry Persistence

nullsec-regpersist.exe -list
nullsec-regpersist.exe -add backdoor -value "C:\payload.exe"
nullsec-regpersist.exe -remove backdoor

DLL Injection

nullsec-inject.exe -l                      # List processes
nullsec-inject.exe -p 1234 -d payload.dll  # Inject by PID
nullsec-inject.exe -n notepad.exe -d beacon.dll

Process Hollowing

nullsec-hollow.exe -list                   # List target processes
nullsec-hollow.exe -target notepad.exe -file shellcode.bin

Keylogger

nullsec-keylog.exe                # Log to console
nullsec-keylog.exe -o keylog.txt  # Log to file
nullsec-keylog.exe -s             # Stealth mode (hidden)

⚠️ Disclaimer

These tools are for authorized security testing only. Unauthorized use is illegal.

NullSec Framework | GitHub | bad-antics | Discord

About

πŸͺŸ Windows security tools in Go, Rust & C | Credential dump, token manipulation, DLL injection, keylogger | Native Win32 API | @anonantics

Topics

rust golang penetration-testing dll-injection red-team windows-security token-manipulation credential-dumping nullsec

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages