smthdfirent

smthdfirent's Stars

• google/comprehensive-rust

  This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.

  Language:Rust27.6k1382891.6k

• frida/frida

  Clone this repo to build Frida

  Language:Meson15.9k3242.8k1.6k

• pwndbg/pwndbg

  Exploit Development and Reverse Engineering with GDB Made Easy

  Language:Python7.4k136895876

• lief-project/LIEF

  LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

  Language:C++4.4k128814620

• amlweems/xzbot

  notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

  Language:Go3.5k390239

• Neo23x0/signature-base

  YARA signature and IOC database for my scanners and tools

  Language:YARA2.5k19796601

• YDHCUI/manjusaka

  牛屎花 一款基于WEB界面的远程主机管理工具

  Language:Rust7842628144

• mandiant/Ghidrathon

  The FLARE team's open-source extension to add Python 3 scripting to Ghidra.

  Language:Java690106754

• t4d/StalkPhish

  StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

  Language:Python626273880

• drb-ra/C2IntelFeeds

  Automatically created C2 Feeds

  Language:REXX515301747

• eversinc33/Banshee

  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

  Language:C++48113271

• google/cloud-forensics-utils

  Python library to carry out DFIR analysis on the Cloud

  Language:Python4592017688

• georgesotiriadis/Chimera

  Automated DLL Sideloading Tool With EDR Evasion Capabilities

  Language:Python4557455

• SpyGuard/SpyGuard

  SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.

  Language:Python37973036

• nccgroup/Cartographer

  Code Coverage Exploration Plugin for Ghidra

  Language:Java32511628

• WithSecureLabs/lolcerts

  A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors

  Language:YARA31711127

• hyuunnn/Hyara

  Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)

  Language:Python222111643

• roadwy/DefenderYara

  Extracted Yara rules from Windows Defender mpavbase and mpasbase

  Language:YARA2106246

• HackingLZ/ExtractedDefender

  2054030

• blacktop/docker-ghidra

  Ghidra Client/Server Docker Image

  Language:Dockerfile20491856

• zodiacon/rust-course

  1167016

• p0dalirius/pdbdownload

  A Python script to download PDB files associated with a Portable Executable (PE)

  Language:Python1145713

• kkent030315/Van1338

  A journal for $6,000 Riot Vanguard bounty.

  57205

• mibho/x64dbg-vmp-trace

  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared up A LOT of misconceptions I had regarding VMP, and helped me not be as spooked as before about trying to use complex libs

  Language:Python49218

• c2links/NoWhere2Hide

  C2 Active Scanner

  Language:Go45506

• intel/unicorn-for-efi

  Unicorn Engine port for UEFI firmware

  Language:C41449

• GossiTheDog/Monitoring

  351540

• OWNsecurity/GWForensic

  DFIR project to collect and analyze events in Google Workspace

  Language:Python12000

• marcizhu/ChaCha20

  🔐 RFC 7539-compliant implementation of the ChaCha20 stream cypher algorithm

  Language:C6300

• rtlcopymemory/IOCTL-Explorer

  Java && Ghidrathon script to automatically find all IOCTL codes and their corresponding Windows API calls

  Language:Java1100