DriftSec

DriftSec's Stars

• BishopFox/sliver

  Adversary Emulation Framework

  Language:Go8.2k1487281.1k

• LordNoteworthy/al-khaser

  Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

  Language:C++5.8k2391011.2k

• briandowns/spinner

  Go (golang) package with 90 configurable terminal spinner/progress indicators.

  Language:Go2.3k2064130

• cube0x0/CVE-2021-1675

  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

  Language:C#1.8k4464582

• S3cur3Th1sSh1t/Amsi-Bypass-Powershell

  This repo contains some Amsi Bypass methods i found on different Blog Posts.

  1.7k353285

• CCob/SweetPotato

  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

  Language:C#1.6k1913214

• chvancooten/maldev-for-dummies

  A workshop about Malware Development

  Language:Nim1.5k252181

• tkmru/awesome-edr-bypass

  Awesome EDR Bypass Resources For Ethical Hacking

  88824094

• deepinstinct/Dirty-Vanity

  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

  Language:C6125283

• VirtualAlllocEx/DEFCON-31-Syscalls-Workshop

  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

  Language:C60810090

• aircrack-ng/rtl8814au

  Realtek rtl8814au driver

  Language:C4194491129

• daem0nc0re/AtomicSyscall

  Tools and PoCs for Windows syscall investigation.

  Language:C#3495147

• f1zm0/acheron

  indirect syscalls for AV/EDR evasion in Go assembly

  Language:Assembly3036333

• Amzza0x00/go-impacket

  基于golang实现的impacket

  Language:Go2354323

• SaadAhla/BlockOpenHandle

  Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote memory scanners

  Language:C++1625124