Lists (32)
AD/ADCS
AdversarySimulation
asm windows
AV
C/cpp
C#/ps1
C2
Cloud
COM
DevSecOps
Dll hijacking
EDR
🔮 Future ideas
go
InitialAccess
Linux kernel and macOS repo
LSASS | CG | PPL | Kernel CalBak
MalwareAnalysis&RE
Resources related to Malware Analysis and RE
Offensive AI
OSINT
Pentest/Exploitation
post exp
RedTeam
SAAS/Oauth/PurpleTeam
Sandbox Evasion
shellcode
threatDetect
UAC Bypass
Win Platform Security feature
Credential Guard | CFG | PatchGuard | DSE
Windows Kernel driver
Windows rootkit
windows syscall and Stack
Starred repositories
Decrypt SCCM and DPAPI secrets with Powershell.
Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
A Beacon Object File (BOF) template for Visual Studio
a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
Collection of powershell scripts I used to complete my CARTP and CARTE courses.
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A tool that shows detailed information about named pipes in Windows
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess.
A Poc on blocking Procmon from monitoring network events
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
A C# implementation that disables Windows Firewall bypassing UAC
A C# implementation of dumping credentials from Windows Credential Manager
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
MeshAgent is used along with MeshCentral to remotely manage computers. Many variations of the background management agent are included as binaries in the MeshCentral project.
A delicious, but malicious SSL-VPN server 🌮
AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.