Ap3x

followers

following

stars

United States

https://ap3x.github.io/

Ap3x's starred repositories

cilium

eBPF-based Networking, Security, and Observability

Language:GoApache-2.019436 312 9612

LIEF

LIEF - Library to Instrument Executable Formats

Language:C++Apache-2.04311 128 795

ghw

Go HardWare discovery/inspection library

Language:GoApache-2.01615 29 131

lessmsi

A tool to view and extract the contents of an Windows Installer (.msi) file.

Language:C#MIT1266 57 128

win32

Public mirror for win32-pr

Language:PowerShellCC-BY-4.01053 540

AntiCheat-Testing-Framework

Framework to test any Anti-Cheat

Language:C++782 400

Windows10-CustomKernelSigners

Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners

Language:C++625 20 7

SOREL-20M

Sophos-ReversingLabs 20 million sample dataset

Language:PythonApache-2.0619 31 23

GoRedOps

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.

Language:GoUnlicense305 50

COM-Hunter

COM Hijacking VOODOO

Language:C#MIT250 2 2

KExecDD

Admin to Kernel code execution using the KSecDD driver

Language:C228 2 2

malware_api_class

Malware dataset for security researchers, data scientists. Public malware dataset generated by Cuckoo Sandbox based on Windows OS API calls analysis for cyber security researchers

Language:PythonMIT221 8 2

The_Shelf

Retired TrustedSec Capabilities

Language:PythonNOASSERTION214 250

gdrv-loader

Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load a unsigned driver

Language:C208 20

illusion-rs

Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)

Language:RustMIT206 4 16

MDE_Enum

comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges

Language:C#MIT191 4 1

reverse-engineering-workshop

Slides & Hands-on for the reverse engineering workshop

ntoskrnl

The Windows Research Kernel (WRK)

Language:C166 40

Venoma

Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

Language:C++151 7 4

PPLSystem

Language:RustMIT151 4 4

DirtyCLR

An App Domain Manager Injection DLL PoC on steroids

Language:C#GPL-3.0150 20

Threat-Actors-use-of-Artifical-Intelligence

ItsNotASecurityBoundary

Language:CNOASSERTION12200

user-kernel-syscall-hook

Language:RustMIT73 20

KReClassEx

Kernel ReClassEx

Language:C++MIT60 10

TS-Changer

TS-Changer - Forces the machine in/out of TestSigning Mode at runtime.

Language:C++MIT58 2 4

MSFT_DriverBlockList

Repository of Microsoft Driver Block Lists based off of OS-builds

MIT36 20

IPC-demo

Linux Inter Process Communication examples

Language:C36 10

DumpDriver

Language:C++33 20

VerifierDLL

Example of building an application verifer DLL

Language:C++MIT30 20