yuimamur's Stars
N3tworkSec/N3tstatIDS
Lightweight Endpoint Detection & Response (EDR) Framework
nasbench/Creds
Some useful Scripts and Executables for Pentest & Forensics
zshehri/MITRE_EDR_Eval
Parsing MITRE EDR Evaluation results
jymcheong/ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys
jymcheong/InjectProc
InjectProc - Process Injection Techniques
jymcheong/PowerShdll
Run PowerShell with rundll32. Bypass software restrictions.
jymcheong/DccwBypassUAC
Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
jymcheong/PSAttack
A portable console aimed at making pentesting with PowerShell a little easier.
rabbitstack/fibratus
A modern tool for Windows kernel exploration and tracing with a focus on security
op7ic/SocialEngineeringPayloads
This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
zshehri/SocialEngineeringPayloads
This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
zeroperil/HookDump
Security product hook detection
VirtualAlllocEx/Payload-Download-Cradles
These are different types of download cradles which should be an inspiration to play with and create new download cradles to bypass AV/EPP/EDR in the context of download cradle detections.
FourCoreLabs/EDRHunt
Scan installed EDRs and AVs on Windows
Viralmaniar/DDWPasteRecon
DDWPasteRecon tool will help you identify code leaks, sensitive files, plaintext passwords, and password hashes. It also allows members of SOC & Blue Teams to gain situational awareness of the organisation's web exposure on the pastesites. It utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.
Viralmaniar/Phirautee
A proof of concept crypto virus to spread user awareness about attacks and implications of ransomware. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation's data hostage for payments or permanently encrypts/deletes the organisation's data.
leechristensen/Random
Assorted scripts and one off things
ChrisTruncer/PenTestScripts
Scripts that are useful for me on pen tests
nccgroup/redsnarf
RedSnarf is a pen-testing / red-teaming tool for Windows environments
dafthack/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
Sh3lldor/PVT
PCAP visualization tool
Viralmaniar/Powershell-RAT
Python based backdoor that uses Gmail to exfiltrate data through attachments. This RAT will help during red team engagements to backdoor any Windows machine. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
AnderMoralDiaz/slam-ransomware-builder
A ransomware compiler that uses the AES256 encryption algorithm, uses vulnerabilities of all kinds and is 100% configurable. In the future the following functions will be added: ransomware MBR, screen locker and LogonUI overwriter. It has features that NO OTHER COMPILER HAS; it is completely free and easy to use.
bats3c/Ghost-In-The-Logs
Evade Sysmon and Windows event logging
bhassani/StopDefender
Stop Windows Defender programmatically
aidielse/Rootkits-Playground
Fun rootkit stuff!
asaurusrex/Probatorum-EDR-Userland-Hook-Checker
Project to check which Nt/Zw functions your local EDR is hooking
gharty03/Malware-Samples
A library of Advanced Persistent Threat malware samples that I have obtained in my free time. All samples are live and should be handled with extreme caution on an air-gapped computer.
GossiTheDog/SystemNightmare
Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows