0xhunter213's Stars
HavocFramework/Havoc
The Havoc Framework
qilingframework/qiling
A True Instrumentable Binary Emulation Framework
mandiant/capa
The FLARE team's open-source tool to identify capabilities in executable files.
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
t3l3machus/Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
kgretzky/pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
gtworek/Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
mandiant/flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
davehull/Kansa
A Powershell incident response framework
trailofbits/publications
Publications from Trail of Bits
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
RythmStick/AMSITrigger
The Hunt for Malicious Strings
ForensicArtifacts/artifacts
Digital Forensics artifact repository
jklmnn/imagejs
Small tool to package javascript into a valid image file.
garrettfoster13/sccmhunter
gladiatx0r/Powerless
Windows privilege escalation (enumeration) script designed with OSCP labs (legacy Windows) in mind
Bw3ll/sharem
SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
HuskyHacks/ShadowSteal
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
YARAHQ/yara-forge
Automated YARA Rule Standardization and Quality Assurance Tool
strozfriedberg/cobaltstrike-config-extractor
Cobalt Strike Beacon configuration extractor and parser.
EricZimmerman/RECmd
Command line access to the Registry
CCob/Shwmae
DissectMalware/pyOneNote
A python library to parse OneNote (.one) files
dicegang/dicectf-quals-2024-challenges
All challenges from DiceCTF Quals 2024
p0dalirius/hivetools
A collection of python scripts to work with Windows Hives.
nass15456/CTFs
hfz1337/discord-oauth2-webapp
A simple web application that uses Discord OAuth2 for authentication
Th3-l4dy/TpSecurity