whichbuffer

whichbuffer's Stars

• hfiref0x/UACME

  Defeating Windows User Account Control

  Language:C6.5k2791191.3k

• mitre/caldera

  Automated Adversary Emulation Platform

  Language:Python5.8k1717911.1k

• Azure/Azure-Sentinel

  Cloud-native SIEM for intelligent security analytics for your entire enterprise.

  Language:Python4.7k2381.4k3.1k

• swimlane/ngx-charts

  :bar_chart: Declarative Charting Framework for Angular

  Language:TypeScript4.3k1531.4k1.1k

• nicocha30/ligolo-ng

  An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

  Language:Go3k25104305

• mgeeky/Penetration-Testing-Tools

  A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

  Language:PowerShell2.6k836511

• sysdream/ligolo

  Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

  Language:Go1.7k3710222

• kimci86/bkcrack

  Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

  Language:C++1.7k21120164

• WithSecureLabs/C3

  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

  Language:C++1.6k5223274

• Lozy/danted

  Fast script for installing & configing Danted--Socks5 Proxy Server.

  Language:Roff1.5k39123453

• klezVirus/SysWhispers3

  SysWhispers on Steroids - AV/EDR evasion via direct system calls.

  Language:Python1.4k2315174

• 0x09AL/RdpThief

  Extracting Clear Text Passwords from mstsc.exe using API Hooking.

  Language:C++1.3k363360

• samratashok/ADModule

  Microsoft signed ActiveDirectory PowerShell module

  Language:PowerShell860176198

• hatRiot/token-priv

  Token Privilege Research

  Language:C++790272172

• RedTeamOperations/Advanced-Process-Injection-Workshop

  Language:C++739160142

• swimlane/ngx-ui

  🚀 Style and Component Library for Angular

  Language:TypeScript70847136111

• JPCERTCC/MalConfScan

  Volatility plugin for extracts configuration data of known malware

  Language:Python482361767

• KaLendsi/CVE-2022-21882

  win32k LPE

  Language:C++461147134

• hasherezade/process_overwriting

  Yet another variant of Process Hollowing

  Language:C++35612477

• captainGeech42/ransomwatch

  Ransomware leak site monitoring

  Language:Python309225461

• S3cur3Th1sSh1t/Nim-RunPE

  A Nim implementation of reflective PE-Loading from memory

  Language:Nim2746440

• cdong1012/Rust-Ransomware

  Ransomware written in Rust

  Language:Rust2379051

• Orange-Cyberdefense/russia-ukraine_IOCs

  Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake

  17425250

• embee-research/Randomise-api-hashes-cobalt-strike

  Bypass Detection By Randomising ROR13 API Hashes

  Language:Python1331114

• Res260/conti_202202_leak_procedures

  This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on may 10th, 2021 in the channel.

  877037

• riskydissonance/SyscallsExample

  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.

  Language:Assembly731018

• tothi/SharpStay

  .NET project for installing Persistence

  Language:C#643011

• iammaguire/Salient-Rootkit

  A kernel mode Windows rootkit in development.

  Language:C++495112

• tothi/PowerLessShell

  Run PowerShell command without invoking powershell.exe

  Language:Python35204

• whichbuffer/Conti-Ransomware-IOC

  7202