Samirbous

Samirbous's Stars

• Mr-Un1k0d3r/EDRs

  Language:C2k695350

• fortra/nanodump

  The swiss army knife of LSASS dumping

  Language:C1.8k3328243

• Dec0ne/KrbRelayUp

  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

  Language:C#1.6k2323208

• vxunderground/VX-API

  Collection of various malicious functionality to aid in malware development

  Language:C++1.5k4713257

• rootsecdev/Azure-Red-Team

  Azure Security Resources and Notes

  Language:PowerShell1.5k300204

• 0xrawsec/whids

  Open Source EDR for Windows

  Language:Go1.2k45130145

• elastic/protections-artifacts

  Elastic Security detection content for Endpoint

  Language:YARA1.1k4716121

• daem0nc0re/TangledWinExec

  PoCs and tools for investigation of Windows process execution techniques

  Language:C#887213141

• trendmicro/tlsh

  Language:Max75649100137

• decoder-it/LocalPotato

  Language:C++6815293

• naksyn/Pyramid

  a tool to help operate in EDRs' blind spots

  Language:Python674121076

• hakril/PythonForWindows

  A codebase aimed to make interaction with Windows and native execution easier

  Language:Python6102535116

• mdecrevoisier/EVTX-to-MITRE-Attack

  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

  53626189

• gabriellandau/PPLFault

  Language:C5168682

• zblurx/dploot

  DPAPI looting remotely and locally in Python

  Language:Python43371456

• med0x2e/NTLMRelay2Self

  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).

  Language:C3966144

• cyberark/RPCMon

  RPC Monitor tool based on Event Tracing for Windows

  Language:C#33212235

• antonioCoco/MalSeclogon

  A little tool to play with the Seclogon service

  Language:C3086147

• Kudaes/LOLBITS

  ** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.

  Language:C#21614138

• m417z/winapiexec

  A small tool that allows to run WinAPI functions through command line parameters

  Language:C1823127

• g3rzi/HackingKubernetes

  This repository contain any information that can be used to hack Kubernetes

  1002016

• gabriellandau/ShadowStackWalk

  Finding Truth in the Shadows

  Language:C++85308

• elastic/Silhouette

  Keep it secret, keep it safe

  Language:C76409

• elastic/die-python

  Native Python3 bindings for @horsicq's Detect-It-Easy

  Language:Python50213

• decoder-it/Troopers24

  42104

• AzAgarampur/byeintegrity9-uac

  Language:C++362210

• ionescu007/r0ak

  Language:C29309

• elastic/llm-detection-proxy

  A proxy tool for detecting and logging LLM queries to Elasticsearch.

  Language:Python6401

• elastic/DaC-Reference

  DaC Repo to store the reference documentation and detection-rules management with Elastic rules.

  5340

• elastic/endpoint-shell

  Endpoint Response Shell

  Language:Python330