MartinEarls

MartinEarls's Stars

• anuraghazra/github-readme-stats

  :zap: Dynamically generated stats for your github readmes

  Language:JavaScript68.6k2741.2k22.5k

• jekyll/jekyll

  :globe_with_meridians: Jekyll is a blog-aware static site generator in Ruby

  Language:Ruby49k1.4k4.8k10k

• Kinnara/ModernWpf

  Modern styles and controls for your WPF applications

  Language:C#4.4k78464445

• mandiant/capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  Language:Python4.1k83985517

• 0x90n/InfoSec-Black-Friday

  All the deals for InfoSec related software/tools this Black Friday

  2.9k24528323

• dahall/Vanara

  A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.

  Language:C#1.8k43375193

• ine-labs/AWSGoat

  AWSGoat : A Damn Vulnerable AWS Infrastructure

  Language:PHP1.7k36261.1k

• Yaxser/Backstab

  A tool to kill antimalware protected processes

  Language:C1.4k2710237

• vxunderground/VXUG-Papers

  Research code & papers from members of vx-underground.

  Language:C1.1k760231

• CCob/SharpBlock

  A method of bypassing EDR's active projection DLL's by preventing entry point exection

  Language:C#1.1k2010155

• med0x2e/SigFlip

  SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

  Language:C#1.1k2111182

• elastic/protections-artifacts

  Elastic Security detection content for Endpoint

  Language:YARA1k4613109

• c3c/ADExplorerSnapshot.py

  ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

  Language:Python869829111

• TheWover/DInvoke

  Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

  Language:C#6661420107

• deepinstinct/Dirty-Vanity

  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

  Language:C6155283

• Cracked5pider/KaynLdr

  KaynLdr is a Reflective Loader written in C/ASM

  Language:C514121104

• Cybereason/siofra

  Language:Assembly47223186

• deepinstinct/LsassSilentProcessExit

  Command line interface to dump LSASS memory to disk via SilentProcessExit

  Language:C++4368360

• boku7/Ninja_UUID_Runner

  Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!

  Language:C4307087

• CCob/Volumiser

  Language:C#3308135

• RedSiege/EDD

  Enumerate Domain Data

  Language:C#3159559

• crummie5/FreshyCalls

  FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!

  Language:C++3136734

• Gr1mmie/AtlasC2

  C# C2 Framework centered around Stage 1 operations

  Language:C#2035241

• ZeroMemoryEx/Orca

  Incomplete project

  Language:C++18911530

• mttaggart/wtfbins

  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.

  Language:TypeScript14985612

• Flangvik/SharpExfiltrate

  Modular C# framework to exfiltrate loot over secure and trusted channels.

  Language:C#1213035

• snovvcrash/MirrorDump

  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory

  Language:C#1024016

• EspressoCake/DLL_Imports_BOF

  A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.

  Language:C823010

• HuskyHacks/RustyProcessInjectors

  Just some Rust process injector POCs, nothing weird.

  Language:Rust811111

• wayfair-incubator/malicious-chrome-extension-scanner

  Collect chrome extensions from various devices and find out if they are malicious

  Language:Python20325