Pinned Repositories
BabukRansomwareSourceCode
Leaked source code of the Babuk ransomware, published by VXUG
ETWHash-Local
C# POC to extract NetNTLMv1/v2 hashes from ETW provider (modified version for using ETL file)
GPOs
Windows GPOs
payload_resources
Payload source code resources for adversary simulation purposes
dredd
Automated detection rule analysis utility
indexes
Test case indexes
RedTeamSIEM
Repository of resources for configuring a Red Team SIEM using Elastic
2XXE-SRA's Repositories
2XXE-SRA/ETWHash-Local
C# POC to extract NetNTLMv1/v2 hashes from ETW provider (modified version for using ETL file)
2XXE-SRA/payload_resources
Payload source code resources for adversary simulation purposes
2XXE-SRA/GPOs
Windows GPOs
2XXE-SRA/BabukRansomwareSourceCode
Leaked source code of the Babuk ransomware, published by VXUG
2XXE-SRA/ColorDataProxyUACBypass
Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC bypass. Win 7 & up.
2XXE-SRA/gobfuscate
Obfuscate Go binaries and packages
2XXE-SRA/inflate.py
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
2XXE-SRA/MemeCryptor
Ransomware and Memes
2XXE-SRA/overwriteMBR
Warning! Don't run this code on your computer.
2XXE-SRA/simple-kubernetes-webhook
This project illustrates how to build a fully functioning Kubernetes admission webhook in the simplest way possible.