clowncs's Stars
binarly-io/efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
maple3142/gf2bv
Solving linear systems over GF(2) by manipulating bitvectors
Lydxn/xorsat
RPISEC/MBE
Course materials for Modern Binary Exploitation by RPISEC
S3N4T0R-0X0/BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
HavocFramework/Havoc
The Havoc Framework
KunYi/Simple-UEFI-Bootloader
A UEFI bootloader for bare-metal x86-64 applications
Pebaz/spore
UEFI Bytecode Disassembler
teemu-l/execution-trace-viewer
Tool for viewing and analyzing execution traces
can1357/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
JonathanSalwan/Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
Malandrone/PowerDecode
PowerDecode is a PowerShell-based tool that allows deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs dynamic code analysis, extracting malware hosting URLs and checking the HTTP response. It can also detect if the malware attempts to inject shellcode into memory.
robbert1978/alt-pwninit
meromwolff/Ghidra-EFI-Byte-Code-Processor
A Ghidra processor module for the EFI Byte Code (EBC)
yabits/ebcvm
EFI Byte Code Virtual Machine in userspace
bata24/gef
GEF - GDB Enhanced Features for exploit devs & reversers
LordNoteworthy/windows-internals
My notes while studying Windows internals
N0fix/rustbinsign
Rust symbol recovery tool
0xQQa/IDAProPlugins
r3dhun9/IDARustler
IDA plugin helping reverse-engineering rust binaries
itaymigdal/awesome-injection
Centralized resource for listing and organizing known injection techniques and POCs
kholia/OSX-KVM
Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
Immersive-Labs-Sec/SliverC2-Forensics
A collection of tools and detections for the Sliver C2 Framework
hasherezade/hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
A200K/IDA-Pro-SigMaker
Signature maker plugin for IDA 8.x and 9.x
a0rtega/pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
stong/bruteforce
Brute forcing scripts for bad CTF problems
cryptocorrosion/cryptocorrosion
Performance crypto in pure Rust
secure-foundations/rWasm
A cross-platform high-performance provably-safe sandboxing Wasm-to-native compiler
corrode/four-horsemen-talk
Slides and sample code from my talk "The Four Horsemen of Bad Rust Code" at FOSDEM