MartinEarls's Stars
anuraghazra/github-readme-stats
:zap: Dynamically generated stats for your github readmes
jekyll/jekyll
:globe_with_meridians: Jekyll is a blog-aware static site generator in Ruby
Kinnara/ModernWpf
Modern styles and controls for your WPF applications
mandiant/capa
The FLARE team's open-source tool to identify capabilities in executable files.
0x90n/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
dahall/Vanara
A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
ine-labs/AWSGoat
AWSGoat: A Damn Vulnerable AWS Infrastructure
Yaxser/Backstab
A tool to kill antimalware protected processes
vxunderground/VXUG-Papers
Research code & papers from members of vx-underground.
CCob/SharpBlock
A method of bypassing EDR's active protection DLLs by preventing entry point execution
med0x2e/SigFlip
SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.
elastic/protections-artifacts
Elastic Security detection content for Endpoint
c3c/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
TheWover/DInvoke
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
deepinstinct/Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
Cracked5pider/KaynLdr
KaynLdr is a Reflective Loader written in C/ASM
Cybereason/siofra
deepinstinct/LsassSilentProcessExit
Command line interface to dump LSASS memory to disk via SilentProcessExit
boku7/Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
CCob/Volumiser
RedSiege/EDD
Enumerate Domain Data
crummie5/FreshyCalls
FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!
Gr1mmie/AtlasC2
C# C2 Framework centered around Stage 1 operations
ZeroMemoryEx/Orca
Incomplete project
mttaggart/wtfbins
WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
Flangvik/SharpExfiltrate
Modular C# framework to exfiltrate loot over secure and trusted channels.
snovvcrash/MirrorDump
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an LSASS handle and API hooking for capturing the dump in memory
EspressoCake/DLL_Imports_BOF
A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
HuskyHacks/RustyProcessInjectors
Just some Rust process injector POCs, nothing weird.
wayfair-incubator/malicious-chrome-extension-scanner
Collect chrome extensions from various devices and find out if they are malicious