mss3c's Stars
mikesiko/PracticalMalwareAnalysis-Labs
Binaries for the book Practical Malware Analysis
hfiref0x/UACME
Defeating Windows User Account Control
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automate the obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation and antimalware bypass, and to automate the process from malicious macro and script generation to final document generation. It also provides many helpful features for red team or security research work.
Hagrid29/RemotePatcher
Patch AMSI and ETW in a remote process via direct syscalls
strandjs/IntroLabs
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
sans-blue-team/DeepBlueCLI
mitre-attack/bzar
A set of Zeek scripts to detect ATT&CK techniques.
decalage2/ViperMonkey
A VBA parser and emulation engine to analyze malicious macros.
t3l3machus/psudohash
Generates millions of keyword-based password mutations in seconds.
GreyDGL/PentestGPT
A GPT-empowered penetration testing tool
0xhav0c/CVE-2013-5211
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
Crypt2Shell/Comae-Toolkit
Memory Dump
MagnetForensics/dumpit-linux
Memory acquisition for Linux that makes sense.
deepinstinct/Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
jschicht/RawCopy
Command-line low-level file extractor for NTFS
BornToBeRoot/NETworkManager
A powerful tool for managing networks and troubleshooting network problems!
Dutchy-/volatility-plugins
Container for assorted volatility plugins.
carlpulley/volatility
A collection of Volatility Framework plugins.
DFIRKuiper/Kuiper
Digital Forensics Investigation Platform
Mr-Un1k0d3r/EDRs
JustasMasiulis/wow64pp
A modern C++ implementation of Windows Heaven's Gate
DamonMohammadbagher/NativePayload_PE1
NativePayload_PE1/PE2: injecting Meterpreter payload bytes into a local process via the delegation technique, in memory, with a delayed change of RWX to X or RX (or both) [bypassing AVs]
wh0amitz/BypassCredGuard
Credential Guard Bypass Via Patching Wdigest Memory
redballoonsecurity/ofrak
OFRAK: unpack, modify, and repack binaries.
microsoft/CNTK
Microsoft Cognitive Toolkit (CNTK), an open-source deep-learning toolkit
microsoft/LightGBM
A fast, distributed, high performance gradient boosting (GBT, GBDT, GBRT, GBM or MART) framework based on decision tree algorithms, used for ranking, classification and many other machine learning tasks.
weixu8/RegMon
Registry tracker
zyantific/zydis
Fast and lightweight x86/x86-64 disassembler and code generation library