Pinned Repositories
40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
Adrena
Software Protector
Anti-Delete
Protects files with a specified extension from deletion using a kernel-mode driver.
anti-ransomware-minifilter
A minifilter driver for detecting and blocking ransomware virus
archive
armadito-av
Armadito antivirus main repository
mIRC
Old mIRC script used by SOD Team
RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
salemarsm's Repositories
salemarsm/40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
salemarsm/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
salemarsm/Creds
Some useful Scripts and Executables for Pentest & Forensics
salemarsm/fscan
A comprehensive intranet scanning tool, convenient for one-click automated, all-round vulnerability scanning.
salemarsm/Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
salemarsm/atheon
Anti-Ransomware Toolkit with kernel drivers.
salemarsm/Blackbone
Windows memory hacking library
salemarsm/BYOVDKit
bring your own vulnerable driver
salemarsm/dynmx
Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
salemarsm/Firefox-WebInject
Firefox webInjector capable of injecting code into webpages using a mitmproxy.
salemarsm/go-stealer
Cookie & Logins stealer for Firefox + Chrome, demonstration only
salemarsm/HandleKatz
PIC lsass dumper using cloned handles
salemarsm/Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
salemarsm/KDU
Kernel Driver Utility
salemarsm/lvlchg
salemarsm/mydumbedr
salemarsm/nanodump
The swiss army knife of LSASS dumping
salemarsm/no-defender
A slightly more fun way to disable Windows Defender. (through the WSC API)
salemarsm/NoMoreCookies
Browser Protector against various stealers, written in C# & C/C++.
salemarsm/PE-Obfuscator
PE obfuscator with Evasion in mind
salemarsm/PowerShell-Red-Team
Collection of PowerShell functions a Red Teamer may use in an engagement
salemarsm/PPLBlade
Protected Process Dumper Tool
salemarsm/PPLcontrol
Controlling Windows PP(L)s
salemarsm/PPLinject
Inject unsigned DLL into Protected Process Light (PPL)
salemarsm/PPLKiller
Protected Processes Light Killer
salemarsm/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
salemarsm/VBoxCloak
A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
salemarsm/VMwareCloak
A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analysis.
salemarsm/windows-ps-callbacks-experiments
Files for http://blog.deniable.org/posts/windows-callbacks/
salemarsm/WinPwn
Automation for internal Windows Penetration Test / AD-Security