DriftSec's Stars
BishopFox/sliver
Adversary Emulation Framework
LordNoteworthy/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
briandowns/spinner
Go (golang) package with 90 configurable terminal spinner/progress indicators.
cube0x0/CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
S3cur3Th1sSh1t/Amsi-Bypass-Powershell
This repo contains some AMSI bypass methods I found on different blog posts.
CCob/SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
chvancooten/maldev-for-dummies
A workshop about Malware Development
tkmru/awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
deepinstinct/Dirty-Vanity
A PoC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
VirtualAlllocEx/DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
aircrack-ng/rtl8814au
Realtek rtl8814au driver
daem0nc0re/AtomicSyscall
Tools and PoCs for Windows syscall investigation.
f1zm0/acheron
indirect syscalls for AV/EDR evasion in Go assembly
Amzza0x00/go-impacket
Impacket implemented in Go (golang)
SaadAhla/BlockOpenHandle
Blocks any process from opening a HANDLE to your process; only SYSTEM is allowed to open a handle to your process, so you can avoid remote memory scanners.