luom

luom's Stars

• HavocFramework/Havoc

  The Havoc Framework.

  Language:Go6.3k97315904

• AdnanHodzic/auto-cpufreq

  Automatic CPU speed & power optimizer for Linux

  Language:Python5.3k41411260

• Ponderfly/GoogleTranslateIpCheck

  Language:C#4.3k3446434

• wavestone-cdt/EDRSandblast

  Language:C1.4k3915268

• zhboner/realm

  A network relay tool

  Language:Rust1.4k17113266

• tsale/EDR-Telemetry

  This project aims to compare and evaluate the telemetry of various EDR products.

  Language:Python1.4k5327140

• dropbox/dbxcli

  A command line client for Dropbox built using the Go SDK

  Language:Go1k37139101

• bluesadi/Pluto

  Obfuscator based on LLVM 14.0.6

  Language:LLVM7972847178

• myzxcg/RealBlindingEDR

  Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

  Language:C++7271611143

• anthemtotheego/InlineExecute-Assembly

  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module

  Language:C561171113

• FDlucifer/Proxy-Attackchain

  Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

  Language:C#481120103

• Mr-Un1k0d3r/.NetConfigLoader

  .net config loader

  2944032

• KomiMoe/Arkari

  Yet another llvm based obfuscator based on goron.

  2688940

• reveng007/SharpGmailC2

  Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol

  Language:C#25410244

• zer0condition/NVDrv

  Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.

  Language:C++2294169

• repnz/autochk-rootkit

  Reverse engineered source code of the autochk rootkit

  Language:C19010164

• SaadAhla/ntdlll-unhooking-collection

  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)

  Language:C++1713136

• fortra/hw-call-stack

  Use hardware breakpoints to spoof the call stack for both syscalls and API calls

  Language:C1704129

• Mr-Un1k0d3r/Elevate-System-Trusted-BOF

  Language:C1405023

• Laokoon-SecurITy/Cortex-XDR-Config-Extractor

  Cortex XDR Config Extractor

  Language:Python1154120

• RedTeamOperations/Journey-to-McAfee

  Language:C1107019

• Oxygen1a1/callstack_spoof

  Language:C++1083236

• sfewer-r7/CVE-2023-27532

  Exploit for CVE-2023-27532 against Veeam Backup & Replication

  Language:C#1025420

• realoriginal/angryorchard

  A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022

  Language:C987030

• veritas501/ToyObfuscator

  Toy LLVM obfuscator pass

  Language:C++714210

• otris/ews-cpp

  A C++11 header-only library for Microsoft Exchange Web Services

  Language:C++671210230

• ProcessusT/PsNotifRoutineUnloader

  This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCreateThreadNotifyRoutine from ESET Security to bypass the driver detection

  Language:C++623013

• Raymai97/SuperCMD

  Run program as SYSTEM, with TrustedInstaller token if desired

  Language:C#503316

• tigros/HookTools

  Plugin for Process Hacker 2 ( https://github.com/processhacker2 ), displays system hooks and able to unhook too.

  Language:C498312

• MustangYM/ShelbyObfuscator

  Obfuscator for llvm 16.0.2

  48337