lfontesm's Stars
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
seL4/seL4
The seL4 microkernel
ufrisk/MemProcFS
MemProcFS
bytecode77/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
mufeedvh/moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
packing-box/awesome-executable-packing
A curated list of awesome resources related to executable packing
Cracked5pider/Stardust
A modern 64-bit position independent implant template
0x4143/malware-gems
A not so awesome list of malware gems for aspiring malware analysts
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
DavidBuchanan314/dlinject
Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
mrexodia/dumpulator
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
RedTeamOperations/Advanced-Process-Injection-Workshop
Idov31/FunctionStomping
Shellcode injection technique. Given as C++ header, standalone Rust program or library.
mandiant/GoReSym
Go symbol recovery tool
Invoke-IR/ForensicPosters
SecWiki/office-exploits
office-exploits: a collection of Office vulnerabilities https://www.sec-wiki.com
aaaddress1/Windows-APT-Warfare
Source code for the technical implementations in each chapter of the book "Windows APT Warfare: A Tactical Guide to the Malware Front Line"
VollRagm/KernelBypassSharp
C# Kernel Mode Driver to read and write memory in protected processes
SecuProject/ADenum
AD Enum is a pentesting tool that allows finding misconfigurations through the LDAP protocol and exploiting some of those weaknesses with Kerberos.
karttoon/trigen
Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
APTortellini/DefenderSwitch
Stop Windows Defender using the Win32 API
vfsfitvnm/intruducer
A Rust crate to load a shared library into a Linux process without using ptrace.
tihanyin/Simple-Reverse-Shell
Simple reverse shell to avoid Win 11 defender detection
bohops/RogueAssemblyHunter
Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
ORCA666/T.D.P
Using Thread Description To Hide Shellcode
nop-tech/learning-resources
Collection of resources to learn pentesting, exploit development, obfuscation & much more.
StHomeLess/HWID-Kernel-Spoofer
HWID Kernel Spoofer for the most recent EAC and BE games
evilmog/evilmog
forrest-orr/ExploitDev
Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/
pedrobadm7/my-trips