TheWover

TheWover's Stars

• flipperdevices/flipperzero-firmware

  Flipper Zero firmware source code

  Language:C13.4k3041.1k2.8k

• RedSiege/EyeWitness

  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

  Language:Python5.1k145454860

• p0dalirius/Coercer

  A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

  Language:Python1.8k2362186

• flipperdevices/Flipper-Android-App

  Android Mobile app to rule all Flipper's family

  Language:Kotlin1.6k93124188

• microsoft/win32metadata

  Tooling to generate metadata for Win32 APIs in the Windows SDK.

  Language:C++1.4k361.6k122

• WKL-Sec/HiddenDesktop

  HVNC for Cobalt Strike

  Language:C1.2k155184

• med0x2e/SigFlip

  SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

  Language:C#1.1k2011193

• arget13/DDexec

  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

  Language:Shell806141083

• diversenok/TokenUniverse

  An advanced tool for working with access tokens and Windows security policy.

  Language:Pascal58519266

• evild3ad/MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  Language:PowerShell558233660

• ricardojoserf/NativeDump

  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

  Language:C#5487479

• thefLink/Hunt-Sleeping-Beacons

  Aims to identify sleeping beacons

  Language:C5216251

• l4rm4nd/LinkedInDumper

  Python 3 script to dump/scrape/extract company employees from LinkedIn API

  Language:Python40291044

• Meowmycks/LetMeowIn

  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.

  Language:C++38210565

• 0xEr3bus/PoolPartyBof

  A beacon object file implementation of PoolParty Process Injection Technique.

  Language:C3565243

• securifybv/Visual-Studio-BOF-template

  A Visual Studio template used to create Cobalt Strike BOFs

  Language:C28710254

• 0xcpu/WinAltSyscallHandler

  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

  Language:C21214050

• eversinc33/BouncyGate

  Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).

  Language:Nim1804014

• rasta-mouse/CsWhispers

  Source generator to add D/Invoke and indirect syscall methods to a C# project.

  Language:C#1733016

• ipSlav/DirtyCLR

  An App Domain Manager Injection DLL PoC on steroids

  Language:C#1632019

• repnz/apc-research

  APC Internals Research Code

  Language:C1618149

• jsecurity101/ETWInspector

  Language:C++1543016

• vxCrypt0r/AMSI_VEH

  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, function hooking or Import Address Table (IAT) modification.

  Language:C++1512024

• DownWithUp/CallMon

  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers

  Language:C12911140

• ControlCompass/ControlCompass.github.io

  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

  Language:JavaScript1276327

• outflanknl/external_c2

  POC for Cobalt Strike external C2

  Language:C1227134

• klezVirus/RpcProxyInvoke

  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar

  Language:C++1201017

• sadshade/veeam-creds

  Collection of scripts to retrieve stored passwords from Veeam Backup

  Language:Python1013230

• avast/pe_tools

  A cross-platform Python toolkit for parsing/writing PE files.

  Language:Python6425516

• zimnyaa/LEOPARDSEAL

  A simple Linux in-memory .so loader

  Language:Python28205