wsummerhill

wsummerhill's Stars

• google/magika

  Detect file content types with deep learning

  Language:Rust7.8k37423413

• mandiant/flare-floss

  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  Language:Python3.2k132478451

• Pennyw0rth/NetExec

  The Network Execution Tool

  Language:Python3.1k27149343

• Azure/PyRIT

  The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.

  Language:Python1.8k23106357

• icyguider/Shhhloader

  Syscall Shellcode Loader (Work in Progress)

  Language:Python1.1k2335181

• mgeeky/ThreadStackSpoofer

  Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

  Language:C++1k271175

• Cracked5pider/Stardust

  A modern 64-bit position independent implant template

  Language:C1k213162

• Meckazin/ChromeKatz

  Dump cookies and credentials directly from Chrome/Edge process memory

  Language:C++1k1212102

• jthuraisamy/TelemetrySourcerer

  Enumerate and disable common sources of telemetry used by AV/EDR.

  Language:C++764304122

• mandiant/SilkETW

  Language:C#7294315122

• RedTeamOperations/Advanced-Process-Injection-Workshop

  Language:C++727160141

• subat0mik/Misconfiguration-Manager

  Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

  Language:PowerShell71416773

• praetorian-inc/PortBender

  TCP Port Redirection Utility

  Language:C67484112

• ShutdownRepo/pywhisker

  Python version of the C# tool for "Shadow Credentials" attacks

  Language:Python58471070

• An0nUD4Y/Evilginx2-Phishlets

  Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes

  Language:CSS5553528239

• Xre0uS/MultiDump

  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

  Language:C4945462

• ricardojoserf/NativeDump

  Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)

  Language:C#4597464

• JoelGMSec/Invoke-Stealth

  Simple & Powerful PowerShell Script Obfuscator

  Language:PowerShell4548473

• wh0amitz/SharpADWS

  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

  Language:C#4546246

• iilegacyyii/ThreadlessInject-BOF

  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.

  Language:C3675252

• jsa2/caOptics

  CA Optics - Azure AD Conditional Access Gap Analyzer

  Language:JavaScript32961128

• nickvourd/COM-Hunter

  COM Hijacking VOODOO

  Language:C#2572247

• PShlyundin/ldap_shell

  AD ACL abuse

  Language:Python2545338

• Krook9d/PurpleLab

  PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules, simulate logs, and undertake various security tasks, all accessible through a user-friendly web interface

  Language:PHP2437535

• CyberCX-STA/PurpleOps

  An open-source self-hosted purple team management web application.

  Language:HTML24061935

• mandiant/ccmpwn

  Language:Python1802021

• EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion

  Cobalt Strike Profiles for EDR Evasion

  Language:Go1624127

• ZERODETECTION/MSC_Dropper

  Language:Python1241024

• sadreck/Codecepticon

  .NET/PowerShell/VBA Offensive Security Obfuscator

  Language:C#843013

• synacktiv/AADOutsider-py

  Python3 rewrite of AsOutsider features of AADInternals

  Language:Python36302