matt-finish
I like to hack stuff. During the day I'm a security consultant, and at night I teach a Cyber Security class at University of Texas. Free time? Nah.
matt-finish's Stars
DyNaam1c/malware-clipper
đź“‹Native x64 clipper written in the go-lang.
mr3moe/clipTakeOver
Clipboard cryptocurrency Hijacker
ZupIT/horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Consensys/mythril
Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
CryptoServices/dasp
The Decentralized Application Security Project
SmartContractSecurity/SWC-registry
Smart Contract Weakness Classification and Test Cases
gracenolan/Notes
alex/what-happens-when
An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
joswha/Secure-Coding-Handbook
Web Application Secure Coding Handbook resource.
matt-finish/M1-Mac-Pentesting
stephenfewer/ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
nccgroup/demiguise
HTA encryption tool for RedTeams
latortuga71/TortugaToolKit
Collection of some of my own tools with other great open source tools out there packaged into a powershell module
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
samratashok/ADModule
Microsoft signed ActiveDirectory PowerShell module
bats3c/shad0w
A post exploitation framework designed to operate covertly on heavily monitored environments
S3cur3Th1sSh1t/Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
topotam/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
cfalta/MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
someshkar/colabcat
:smiley_cat: Running Hashcat on Google Colab with session backup and restore.
PortSwigger/java-serialized-payloads
YSOSERIAL Integration with burp suite
pwntester/ysoserial.net
Deserialization payload generator for a variety of .NET formatters
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
security-prince/Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Invoke-IR/PowerForensics
PowerForensics provides an all in one platform for live disk forensic analysis
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
pwndoc/pwndoc
Pentest Report Generator
lixmk/Concierge
Concierge Toolkit: Physical Access Control Identification and Exploitation
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
rmusser01/Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.