Bw3ll's starred repositories

ImmoralFiber

Two new offensive techniques using Windows Fibers: PoisonFiber (the first remote enumeration and Fiber injection capability PoC tool) and PhantomThread (an evolved callstack-masking implementation).

Language: C++ | License: MIT | Stargazers: 183 | Issues: 0

ELFieScanner

A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.

Language: C++ | License: MIT | Stargazers: 65 | Issues: 0

winbindex

An index of Windows binaries, including download links for executables such as exe, dll and sys files

Language: Python | License: GPL-3.0 | Stargazers: 556 | Issues: 0

SELKS

A Suricata-based IDS/IPS/NSM distro.

Language: Shell | License: GPL-3.0 | Stargazers: 1394 | Issues: 0

kestrel-lang

Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

Language: Python | License: Apache-2.0 | Stargazers: 286 | Issues: 0

PyRIT

The Python Risk Identification Tool for generative AI (PyRIT) is an open-access automation framework that empowers security professionals and machine learning engineers to proactively find risks in their generative AI systems.

Language: Python | License: MIT | Stargazers: 1538 | Issues: 0

NimPlant

A lightweight first-stage C2 implant written in Nim.

Language: Nim | License: MIT | Stargazers: 745 | Issues: 0

IDA_Plugin_AntiDebugSeeker

Automatically identify and extract potential anti-debugging techniques used by malware.

Language: Python | License: BSD-3-Clause | Stargazers: 89 | Issues: 0

AegiScan

A Static Dataflow Analysis Framework for iOS Applications.

Language: Python | License: MIT | Stargazers: 41 | Issues: 0

Win32_Offensive_Cheatsheet

Win32 and kernel abuse techniques for pentesters.

Language: C++ | License: MIT | Stargazers: 880 | Issues: 0

masscan

TCP port scanner that spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes.

Language: C | License: AGPL-3.0 | Stargazers: 23057 | Issues: 0

EMO

Emote Portrait Alive: Generating Expressive Portrait Videos with Audio2Video Diffusion Model under Weak Conditions

Stargazers: 7272 | Issues: 0

Fooocus

Focus on prompting and generating

Language: Python | License: GPL-3.0 | Stargazers: 38944 | Issues: 0

search-by-image

Browser extension for reverse image search, available for Chrome, Edge and Safari

Language: JavaScript | License: GPL-3.0 | Stargazers: 2042 | Issues: 0

ROP_ROCKET

ROP ROCKET is an advanced code-reuse attack framework with extensive ROP chain generation capabilities, including a novel Windows syscall attack, a novel Heaven's Gate technique, and "shellcodeless" ROP. The framework uses emulation and obfuscation to help expand the attack surface.

Language: Python | License: GPL-3.0 | Stargazers: 88 | Issues: 0

MORF

Mobile Reconnaissance Framework

Language: Go | License: Apache-2.0 | Stargazers: 19 | Issues: 0

secrets-patterns-db

Secrets Patterns DB: the largest open-source database of patterns for detecting secrets, API keys, passwords, tokens, and more.

Language: Python | License: CC-BY-SA-4.0 | Stargazers: 990 | Issues: 0

sharem

SHAREM is a shellcode analysis framework capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler with many innovative features, such as showing the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.

Language: Python | License: GPL-3.0 | Stargazers: 322 | Issues: 0

weetabix

A C++ PoC implementation for enumerating Windows Fibers directly from memory.

Language: C++ | License: MIT | Stargazers: 15 | Issues: 0

GhidraScripts

Scripts to run within Ghidra, maintained by the Trellix ARC team.

Language: Java | License: Apache-2.0 | Stargazers: 69 | Issues: 0

Awesome-Red-Teaming

List of Awesome Red Teaming Resources

License: MIT | Stargazers: 6735 | Issues: 0

Awesome-Advanced-Windows-Exploitation-References

List of Awesome Advanced Windows Exploitation References

License: GPL-3.0 | Stargazers: 1436 | Issues: 0

SigFlip

SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.

Language: C# | License: MIT | Stargazers: 1012 | Issues: 0

DotDumper

An automatic unpacker and logger for files targeting the .NET Framework.

Language: C# | License: NOASSERTION | Stargazers: 244 | Issues: 0

WindowsExploitationResources

Resources for Windows exploit development.

Stargazers: 1490 | Issues: 0

de4dot

.NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).

Language: C# | License: GPL-3.0 | Stargazers: 29 | Issues: 0