Pinned Repositories
Akira-obfuscator
Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
BOAZ
A Multilayered AV/EDR Evasion Framework and AV Testing Tool.
BOAZ_beta
Multilayered AV/EDR Evasion Framework
Checklists
Red Teaming & Pentesting checklists for various engagements
Clefia_cipher_python_implementation_for_general_testing
Comparison tests on lightweight Clefia cipher proposed by SONY
CNN-Dog-Human-detection-and-dogbreed-classification
In this project I will build a convolutional network that could detect human and dog images, and then detect the breed of dog (or the resembling breed). User-supplied images are allowed.
codasm
Payload encoding utility to effectively lower payload entropy.
explainshell
match command-line arguments to their help text
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
stanford-cs-229-machine-learning
VIP cheatsheets for Stanford's CS 229 Machine Learning
thomasxm's Repositories
thomasxm/gocheck
DefenderCheck but blazingly fast™
thomasxm/amber
Reflective PE packer.
thomasxm/AV-Parser
By using the custom AV parser script, we were able to streamline the VT results to AVClass and return the voted labels.
thomasxm/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
thomasxm/ldrgen
Template-based generation of shellcode loaders
thomasxm/LdrLockLiberator
For when DLLMain is the only way
thomasxm/MutationGate
Use hardware breakpoint to dynamically change SSN in run-time
thomasxm/ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
thomasxm/APOLLO
Apple Pattern of Life Lazy Output'er
thomasxm/asmjit
Low-latency machine code generation
thomasxm/awesome-censys-queries
A collection of fascinating and bizarre Censys Search Queries
thomasxm/blackdagger
Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).
thomasxm/CodeHawk-Binary
CodeHawk Binary Analyzer for malware analysis and general reverse engineering
thomasxm/emba
EMBA - The firmware security analyzer
thomasxm/HardeningMeter
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.
thomasxm/Havoc
The Havoc Framework.
thomasxm/ImmoralFiber
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)
thomasxm/lightgrep
Command-line utility for multipattern search using liblightgrep
thomasxm/linux-pe
COFF and Portable Executable format described using standard C++ with no dependencies.
thomasxm/miasm
Reverse engineering framework in Python
thomasxm/pe_tools
A cross-platform Python toolkit for parsing/writing PE files.
thomasxm/reverser_ai
Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.
thomasxm/rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
thomasxm/rp-bf.rs
fork: rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump
thomasxm/TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
thomasxm/Windows-Internals
Important notes and topics on my journey towards mastering Windows Internals
thomasxm/Winton
Command and Control (C2) framework
thomasxm/wtf
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and/or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).
thomasxm/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
thomasxm/zsteg
detect stegano-hidden data in PNG & BMP