secdev02's Repositories
secdev02/windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
secdev02/HuginnDeception
secdev02/apeman
AWS Attack Path Management Tool - Walking on the Moon
secdev02/bitcoinjs-lib
A javascript Bitcoin library for node.js and browsers.
secdev02/bitaddress.org
JavaScript Client-Side Bitcoin Wallet Generator
secdev02/whenfs
A FUSE Filesystem for your Google calendar
secdev02/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
secdev02/iOS-Reverse-Engineering
secdev02/Kerberos.NET
A Kerberos implementation built entirely in managed code.
secdev02/ZeroHVCI
Achieve arbitrary kernel reads/writes/function calls in Hypervisor-Protected Code Integrity (HVCI) protected environments without admin permissions or kernel drivers.
secdev02/bitcoinbook
Mastering Bitcoin 3rd Edition - Programming the Open Blockchain
secdev02/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
secdev02/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
secdev02/MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
secdev02/mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
secdev02/PrivescCheck
Privilege Escalation Enumeration Script for Windows
secdev02/ludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.
secdev02/Btcbf
Bitcoin private key brute force tool, written in python. Also can be used as a bitcoin wallet generator.
secdev02/Amnesiac
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
secdev02/winnativeapibooksamples
Samples from my book Windows Native API programming
secdev02/XboxDevModeBatchScripts
A collection of useful batch scripts created by myself and community members during my security research of the Xbox One/Series, specifically for Dev Mode SystemOS.
secdev02/okta-terrify
Okta Verify and Okta FastPass Abuse Tool
secdev02/magic-wormhole
get things from one computer to another, safely
secdev02/PWA-Phishing
secdev02/kdcproxy
A Kerberos KDC HTTP/HTTPS proxy WSGI module
secdev02/CsWin32
A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.
secdev02/NativeLinux
Linux in the Windows Native Mode (chkdsk screen env)??
secdev02/Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
secdev02/CTI-Analyst-Challenge
An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.
secdev02/Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide