753c33686578's starred repositories

systeminformer

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

IntelOwl

IntelOwl: manage your Threat Intelligence at scale

Language: Python | License: AGPL-3.0 | Stargazers: 3652 | Issues: 81 | Issues: 581

teler

Real-time HTTP Intrusion Detection

Language: Go | License: Apache-2.0 | Stargazers: 2995 | Issues: 51 | Issues: 69

windows_hardening

HardeningKitty and Windows Hardening Settings

Language: PowerShell | License: MIT | Stargazers: 2303 | Issues: 70 | Issues: 60

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

PersistenceSniper

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt for persistence mechanisms implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

Language: PowerShell | License: NOASSERTION | Stargazers: 1862 | Issues: 41 | Issues: 12

WatchAD

AD Security Intrusion Detection System

Language: Python | License: GPL-3.0 | Stargazers: 1287 | Issues: 47 | Issues: 44

BokuLoader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

SigFlip

SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.

Language: C# | License: MIT | Stargazers: 1030 | Issues: 21 | Issues: 11

TeamFiltration

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

Language: C# | License: GPL-3.0 | Stargazers: 1023 | Issues: 11 | Issues: 38

ldapnomnom

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Language: Go | License: MIT | Stargazers: 981 | Issues: 16 | Issues: 0

Spartacus

Spartacus DLL/COM Hijacking Toolkit

Language: C# | License: MIT | Stargazers: 970 | Issues: 22 | Issues: 5

SilentMoonwalk

PoC Implementation of a fully dynamic call stack spoofer

Language: C++ | License: BSD-3-Clause | Stargazers: 650 | Issues: 11 | Issues: 1

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Language: PowerShell | License: GPL-3.0 | Stargazers: 629 | Issues: 16 | Issues: 7

InlineExecute-Assembly

InlineExecute-Assembly is a proof-of-concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork-and-run execute-assembly module

DeathSleep

A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.

windows-coerced-authentication-methods

A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

Hunt-Sleeping-Beacons

Aims to identify sleeping beacons

MemFiles

A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk

cypherhound

Python3 terminal application that contains 405 Neo4j Cypher queries for BloodHound data sets and 388 GUI Cypher queries

Language: Python | License: GPL-3.0 | Stargazers: 369 | Issues: 6 | Issues: 0

KernelBypassSharp

C# Kernel Mode Driver to read and write memory in protected processes

Language: C# | License: MIT | Stargazers: 355 | Issues: 14 | Issues: 2

bluffy

Convert shellcode into ✨ different ✨ formats!

Language: Python | License: MIT | Stargazers: 343 | Issues: 11 | Issues: 1

BokuLoader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

Language: C | License: MIT | Stargazers: 315 | Issues: 5 | Issues: 0

blackhat-usa-2022-demos

Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"

Language: PowerShell | License: GPL-3.0 | Stargazers: 257 | Issues: 7 | Issues: 0

Process-Instrumentation-Syscall-Hook

A simple program to hook the current process to identify manual syscall executions on Windows

Language: C | License: BSD-2-Clause | Stargazers: 245 | Issues: 8 | Issues: 0

Lastenzug

SOCKS4a proxy leveraging PIC, WebSockets and static obfuscation at the assembly level

MirrorDump

Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory

Language: C# | Stargazers: 101 | Issues: 4 | Issues: 0

encrypt

Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.