Skip to content
View andrecrafts's full-sized avatar

Block or report andrecrafts

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
andrecrafts/README.md

Hi, I'm André, AKA AndreCrafts.

(You may also know me from my previous work as WafflesExploits).

Website Badge Linkedin Badge X Badge TryHackMe Badge HackTheBox Badge Mail Badge

I'm available for contracts and consulting opportunities in DevSecOps, Cloud Architecture, and Application Security.

💡 Collaboration & Community 💡

Enjoying my work? Show your support with a ⭐️ or by sharing my repositories!

Have ideas or want to collaborate on a project? My inbox is always open.

📊 My GitHub Stats 📊

trophy

Pinned Loading

  1. hide-payload-in-images hide-payload-in-images Public

    A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from …

    C++ 234 41

  2. CobaltStrike-YARA-Bypass-f0b627fc CobaltStrike-YARA-Bypass-f0b627fc Public

    Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.

    Python 53 10

  3. Bloodhound-query-legacy2ce Bloodhound-query-legacy2ce Public

    A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to the API or save them to a file for later use.

    Python 38 3

  4. Dynamic-HTTP-Payload-Stager Dynamic-HTTP-Payload-Stager Public

    A dynamic HTTP/S stager that lets one shellcode loader be reused for different encrypted payloads - no rebuilds.

    C++ 20 8

  5. WafflesFORCE WafflesFORCE Public

    A multi-threaded login brute-forcer designed to bypass CSRF token protection by automatically capturing and injecting tokens per request.

    Python 9 2

  6. httpserver-plus httpserver-plus Public

    An improved version of Python's http.server, created for redirection purposes.

    Python 7 2