whichbuffer

whichbuffer's Stars

• iovisor/bcc

  BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

  Language:C20.8k5591.9k3.9k

• HavocFramework/Havoc

  The Havoc Framework

  Language:Go7k102345980

• Cyb3rWard0g/HELK

  The Hunting ELK

  Language:Jupyter Notebook3.8k215453687

• aquasecurity/tracee

  Linux Runtime Security and Forensics using eBPF

  Language:Go3.7k541.5k424

• elastic/detection-rules

  Language:Python2k891.6k512

• trustedsec/SysmonCommunityGuide

  TrustedSec Sysinternals Sysmon Community Guide

  Language:CSS1.2k7911167

• S3cur3Th1sSh1t/Creds

  Some usefull Scripts and Executables for Pentest & Forensics

  Language:PowerShell1.1k352238

• antonioCoco/SharPyShell

  SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

  Language:Python9311814144

• NUL0x4C/AtomPePacker

  A Highly capable Pe Packer

  Language:C6872115118

• KasperskyLab/triangle_check

  Language:Python51414540

• trustedsec/COFFLoader

  Language:C48419376

• akamai/akamai-security-research

  This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.

  Language:C47726271

• Cybereason/siofra

  Language:Assembly47623186

• trailofbits/fickling

  A Python pickling decompiler and static analyzer

  Language:Python436332951

• CodeXTF2/ScreenshotBOF

  An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.

  Language:C3466451

• dod-cyber-crime-center/DC3-MWCP

  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

  Language:Python306432059

• waldo-irc/YouMayPasser

  You shall pass

  Language:PowerShell25010051

• kkent030315/CVE-2022-42046

  CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM

  Language:C++1626026

• lockness-Ko/xz-vulnerable-honeypot

  An ssh honeypot with the XZ backdoor. CVE-2024-3094

  Language:Shell1438020

• SigmaHQ/sigma-cli

  The Sigma command line interface based on pySigma

  Language:Python138132435

• Neo23x0/YARA-Performance-Guidelines

  A guide on how to write fast and memory friendly YARA rules

  1278018

• Neo23x0/yaraQA

  YARA rule analyzer to improve rule quality and performance

  Language:Python95636

• embee-research/Yara-detection-rules

  Yara Rules for Modern Malware

  Language:YARA732016

• dracula/ida

  🧛🏻‍♂️ Dark theme for IDA Pro

  Language:CSS42466

• hacksysteam/CVE-2021-45067

  Adobe Reader DC Information Leak Exploit

  Language:Python221010

• Allevon412/ClassicAPIUnhooking

  Language:C++15307

• EyupErgin/DroidDetective

  Extended Static Analysis Tool for Analyzing Android APK Files.

  Language:Python13312

• ByCh4n/Delebetor

  Installs and adjusts Pentest tools.

  Language:Shell11103

• whichbuffer/CTTC

  Analyze cyber threat research post from given URLs and get insights with the help of ChatGPT

  Language:Python8202

• infinitumitlabs/Yara-Rules

  Infinitum IT Yara Rules

  Language:YARA210