Pinned Repositories
40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
Adrena
Software Protector
Anti-Delete
Prevents deletion of files with a specified extension using a kernel-mode driver.
anti-ransomware-minifilter
A minifilter driver for detecting and blocking ransomware virus
archive
armadito-av
Armadito antivirus main repository
mIRC
Old mIRC script used by SOD Team
RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
salemarsm's Repositories
salemarsm/PELoader
PE loader with various shellcode injection techniques
salemarsm/LazyCopy
NTFS minifilter driver that can download file content from a remote location, when it is opened for the first time.
salemarsm/breakcyserver
salemarsm/T.D.P.
Using Thread Description To Hide Shellcodes
salemarsm/PPLdump
Dump the memory of a PPL with a userland exploit
salemarsm/goWMIExec
Really stupid re-implementation of invoke-wmiexec
salemarsm/hidden
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc.
salemarsm/WebView2-Cookie-Stealer
salemarsm/VMProtect-devirtualization
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
salemarsm/netspy
netspy is a tool for quickly probing reachable internal network segments (powered by the Tianwei team of Sangfor's Deep Blue Lab)
salemarsm/CiDllDemo
Use ci.dll API for validating Authenticode signature of files
salemarsm/PPLRunner
Run Processes as PPL with ELAM
salemarsm/OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
salemarsm/archive
salemarsm/MultiPotato
salemarsm/DarkLoadLibrary
LoadLibrary for offensive operations
salemarsm/C2ReverseProxy
A tool for reverse proxying and bringing CS online in environments without outbound network access
salemarsm/injdrv
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
salemarsm/TheSubZeroProject
A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
salemarsm/FSDefender
Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware
salemarsm/Adrena
Software Protector
salemarsm/Prevent_File_Deletion
Record & prevent file deletion in kernel mode
salemarsm/RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
salemarsm/file-system-filter
Windows file system filter driver - illustration of the technology
salemarsm/CVE-2018-19320
Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
salemarsm/Screwed-Drivers
"Screwed Drivers" centralized information source for code references, links, etc.
salemarsm/stats
A well tested and comprehensive Golang statistics library package with no dependencies.
salemarsm/procfilter
A YARA-integrated process denial framework for Windows
salemarsm/Kernelmode-manual-mapping-through-IAT
Manual mapping without creating any threads, with rw only access
salemarsm/HideDriver
The previous version targeted 7600, which made every build a hassle. Updated to one that compiles directly with VS2017.