Pinned Repositories
atomiccaldera
A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files.
compressedCredBandit
A variation of CredBandit that uses compression to reduce the size of the data that must be transmitted.
manual-syscall-detect
A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
offsecops-shared-library
A collection of scripts used to support an OffSecOps pipeline.
Python-Exploit-Snippets
A collection of Python code snippets to aid in the authoring of Python Based PoCs.
SessionHound
A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo4j database.
shellcode-learning
Working repository to store shellcode I am using to learn.
SysWhispers2
AV/EDR evasion via direct system calls.
Useful-BloodHound-Queries
A collection of Neo4j/BloodHound queries to collect interesting information.
vulnserver-practice
Exploits developed for vulnserver 1.0 for practice.
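The atomiccaldera conversion described above, as an added example rather than the plugin's own code: an Atomic Red Team test (loaded from its YAML into a dict) is turned into a Caldera Stockpile ability dict. The executor and platform name mappings, the technique-to-tactic lookup, the substitution of argument defaults into the command, and the uuid5-derived ability id are all this example's own choices; the sample test is constructed, not copied from the Atomic Red Team repository.

```python
"""Added example: turn an Atomic Red Team test into a Caldera Stockpile ability dict.
Not the atomiccaldera plugin's code; the mappings below are this example's own choices."""
import json
import re
import uuid

# Atomic Red Team executor names -> Caldera executor names (chosen for this example).
EXECUTOR_MAP = {"powershell": "psh", "command_prompt": "cmd", "sh": "sh", "bash": "sh"}
# Atomic platform names -> Caldera platform names ("macos" is "darwin" in Caldera).
PLATFORM_MAP = {"windows": "windows", "linux": "linux", "macos": "darwin"}
# Atomic YAML carries no tactic, so a real converter resolves it from ATT&CK data;
# only what the constructed sample needs is listed here.
TACTIC_MAP = {"T1082": "discovery"}

ARG_RE = re.compile(r"#\{(\w+)\}")


def fill_arguments(command, input_arguments):
    """Replace Atomic #{arg} placeholders with the argument's default value.
    Placeholders with no default are left as-is so the gap stays visible in the output."""
    def repl(match):
        arg = input_arguments.get(match.group(1), {})
        return str(arg["default"]) if "default" in arg else match.group(0)
    return ARG_RE.sub(repl, command).strip()


def convert_test(technique_id, technique_name, test):
    """Build one Caldera ability from one Atomic test (raises for executors Caldera cannot run)."""
    executor = test["executor"]
    caldera_exec = EXECUTOR_MAP.get(executor["name"])
    if caldera_exec is None:
        raise ValueError(f"unsupported executor {executor['name']!r}")
    command = fill_arguments(executor["command"], test.get("input_arguments", {}))
    platforms = {PLATFORM_MAP[p]: {caldera_exec: {"command": command}}
                 for p in test["supported_platforms"] if p in PLATFORM_MAP}
    # Deterministic id: re-running the conversion yields the same ability id.
    ability_id = str(uuid.uuid5(uuid.NAMESPACE_URL, f"{technique_id}/{test['name']}"))
    return {
        "id": ability_id,
        "name": test["name"],
        "description": test.get("description", "").strip(),
        "tactic": TACTIC_MAP.get(technique_id, "unknown"),
        "technique": {"attack_id": technique_id, "name": technique_name},
        "platforms": platforms,
    }


def convert_atomic(atomic):
    """Convert a loaded TXXXX.yaml document; tests with manual/unknown executors are skipped."""
    return [convert_test(atomic["attack_technique"], atomic["display_name"], t)
            for t in atomic["atomic_tests"] if t["executor"]["name"] in EXECUTOR_MAP]


# Constructed sample mirroring the Atomic Red Team YAML layout (not a real test file).
SAMPLE_ATOMIC = {
    "attack_technique": "T1082",
    "display_name": "System Information Discovery",
    "atomic_tests": [
        {
            "name": "System Information Discovery",
            "description": "Identify system info via systeminfo.\n",
            "supported_platforms": ["windows"],
            "executor": {"name": "command_prompt", "command": "systeminfo\n"},
        },
        {
            "name": "List OS Information",
            "description": "Identify System Info\n",
            "supported_platforms": ["linux", "macos"],
            "input_arguments": {"output_file": {"type": "Path", "default": "/tmp/loot.txt"}},
            "executor": {"name": "sh", "command": "uname -a >> #{output_file}\n"},
        },
        {
            "name": "Manual step",
            "supported_platforms": ["windows"],
            "executor": {"name": "manual", "steps": "Open Task Manager"},
        },
    ],
}

if __name__ == "__main__":
    print(json.dumps(convert_atomic(SAMPLE_ATOMIC), indent=2))
```

Writing the returned list out with a YAML dumper gives the Stockpile ability file; substituting argument defaults is the simplest choice, whereas a converter that wants operator input would emit Caldera facts (`#{fact}`) instead.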
xenoscr's Repositories
xenoscr/SysWhispers2
AV/EDR evasion via direct system calls.
xenoscr/manual-syscall-detect
A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
xenoscr/atomiccaldera
A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files.
xenoscr/Useful-BloodHound-Queries
A collection of Neo4j/BloodHound queries to collect interesting information.
xenoscr/SessionHound
A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo4j database.
xenoscr/compressedCredBandit
A variation of CredBandit that uses compression to reduce the size of the data that must be transmitted.
xenoscr/SharpMailBOF
A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.
xenoscr/shellcode-learning
Working repository to store shellcode I am using to learn.
xenoscr/Python-Exploit-Snippets
A collection of Python code snippets to aid in the authoring of Python Based PoCs.
xenoscr/xenoscr.github.io
Conor Richard's (@xenoscr) GitHub.io Blog content
xenoscr/Advanced-Process-Injection-Workshop
xenoscr/AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
xenoscr/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
xenoscr/Creality-Ender-3-Max-Marlin-Configuration
Marlin configuration files for the Creality Ender 3 Max with a BL-Touch.
xenoscr/DetectionLab-XenosCR
Automate the creation of a lab environment complete with security tooling and logging best practices
xenoscr/EDRs
xenoscr/experiments
Experiments
xenoscr/lab-scripts
Some scripts I use to help speed up lab machine setups.
xenoscr/loadlibrary
Porting Windows Dynamic Link Libraries to Linux
xenoscr/LOLBAS-1
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
xenoscr/LOLBAS-old
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
xenoscr/NetUser
Adds a user via the Windows API, for use when `net` cannot be used. Available as Nim, C++, RDI and BOF versions.
xenoscr/Proxy-Function-Calls-For-ETwTI
The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
xenoscr/qmk_firmware
Open-source keyboard firmware for Atmel AVR and Arm USB families
xenoscr/SharpUnhooker
C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll, kernel32.dll, user32.dll, and kernelbase.dll)
xenoscr/shellcode-odzhan
Shellcodes for Windows/Linux/BSD running on x86, AMD64, ARM, ARM64
xenoscr/threaded-bucket-finder
A python script to find S3 Buckets for penetration testing or other engagements.
xenoscr/tri-a-gen
Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
xenoscr/wowGrail
PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)
xenoscr/YubiKey-Guide
Guide to using YubiKey for GPG and SSH
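The SessionHound idea listed above (session and local group data from sources other than SharpHound loaded into BloodHound's Neo4j database), as an added example that is not SessionHound's code: constructed CSV rows are normalised to BloodHound's naming convention (UPPERCASE `user@dns.domain` and UPPERCASE computer FQDN) and turned into parameterised Cypher that adds `HasSession` and `AdminTo` edges. The CSV layout, the NetBIOS-to-DNS table and the `build_import` helper are this example's assumptions; the Neo4j driver is not imported, so the block runs offline.

```python
"""Added example: normalise session / local-admin data collected outside SharpHound
into BloodHound's Neo4j schema and produce the Cypher to load it.
Not SessionHound's code; the CSV layout and NetBIOS->DNS table are assumptions."""
import csv
import io

# NetBIOS -> DNS domain names; a real importer would read these from the Domain
# nodes already present in the database.
NETBIOS_TO_DNS = {"CORP": "CORP.LOCAL"}


def normalize_principal(raw):
    """Return a BloodHound-style principal name: UPPERCASE name@dns.domain.
    Accepts DOMAIN\\name (NetBIOS) or name@dns.domain."""
    raw = raw.strip()
    if "\\" in raw:
        netbios, name = raw.split("\\", 1)
        dns = NETBIOS_TO_DNS.get(netbios.upper())
        if dns is None:
            raise ValueError(f"unknown NetBIOS domain {netbios!r}")
        return f"{name}@{dns}".upper()
    if "@" in raw:
        return raw.upper()
    raise ValueError(f"no domain in principal {raw!r}")


def normalize_computer(raw):
    """BloodHound computer nodes are named by UPPERCASE FQDN."""
    return raw.strip().upper()


def _dedupe(rows):
    """Drop repeated rows while keeping input order (telemetry repeats sessions)."""
    seen, out = set(), []
    for row in rows:
        key = tuple(sorted(row.items()))
        if key not in seen:
            seen.add(key)
            out.append(row)
    return out


def parse_sessions(text):
    """CSV columns: computer,user  ->  rows for HasSession edges."""
    return _dedupe([{"computer": normalize_computer(r["computer"]),
                     "user": normalize_principal(r["user"])}
                    for r in csv.DictReader(io.StringIO(text))])


def parse_local_admins(text):
    """CSV columns: computer,principal  ->  rows for AdminTo edges."""
    return _dedupe([{"computer": normalize_computer(r["computer"]),
                     "principal": normalize_principal(r["principal"])}
                    for r in csv.DictReader(io.StringIO(text))])


# MATCH (not MERGE) on the nodes: an unknown name must not create a stub node that
# duplicates the SharpHound node keyed by objectid; unmatched rows are simply dropped.
SESSION_QUERY = """
UNWIND $rows AS row
MATCH (c:Computer {name: row.computer})
MATCH (u:User {name: row.user})
MERGE (c)-[:HasSession]->(u)
"""

ADMIN_QUERY = """
UNWIND $rows AS row
MATCH (c:Computer {name: row.computer})
MATCH (p {name: row.principal})
WHERE p:User OR p:Group
MERGE (p)-[:AdminTo]->(c)
"""


def build_import(sessions_csv, admins_csv):
    """Return (cypher, parameters) pairs for the neo4j driver's session.run(cypher, **params)."""
    return [
        (SESSION_QUERY, {"rows": parse_sessions(sessions_csv)}),
        (ADMIN_QUERY, {"rows": parse_local_admins(admins_csv)}),
    ]


# Constructed sample input (not real telemetry).
SESSIONS_CSV = """computer,user
ws01.corp.local,CORP\\alice
ws01.corp.local,bob@corp.local
srv02.corp.local,CORP\\alice
ws01.corp.local,CORP\\alice
"""

ADMINS_CSV = """computer,principal
ws01.corp.local,CORP\\helpdesk
srv02.corp.local,CORP\\alice
"""

if __name__ == "__main__":
    for cypher, params in build_import(SESSIONS_CSV, ADMINS_CSV):
        print(cypher.strip(), params, sep="\n")
```

Matching nodes by `name` rather than merging them is the check that matters when importing from outside SharpHound: a MERGE on `{name: ...}` would create a second node for any user or computer whose SharpHound node carries the same name under a different key, and every later query would silently split edges across the two.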