darko's starred repositories

edr-internals

Tools for analyzing EDR agents

Language: C++ | License: GPL-3.0 | Stars: 140 | Issues: 0

seccomp-tools

Provide powerful tools for seccomp analysis

Language: Ruby | License: MIT | Stars: 940 | Issues: 0

MrHandler

Linux Incident Response Reporting

Language: HTML | License: MIT | Stars: 71 | Issues: 0

grpctunnel

gRPC Tunneling

Language: Go | License: Apache-2.0 | Stars: 87 | Issues: 0

easyseccomp

DSL language to write seccomp filters

Language: C | License: GPL-2.0 | Stars: 35 | Issues: 0

IconJector

Unorthodox and stealthy way to inject a DLL into the explorer using icons

Language: C++ | Stars: 258 | Issues: 0

evilarc

Create tar/zip archives that can exploit directory traversal vulnerabilities

Language: Python | Stars: 949 | Issues: 0

ghostwire

[Edgeshark] Virtual communication discovery in container hosts

Language: TypeScript | License: MIT | Stars: 8 | Issues: 0

turtlefinder

Reusable container engine discovery, not only for Edgeshark

Language: Go | License: MIT | Stars: 4 | Issues: 0

clodl

Turn dynamically linked ELF binaries and libraries into self-contained closures.

Language: Starlark | License: BSD-3-Clause | Stars: 164 | Issues: 0

CVE-2024-21111

Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability

Language: C++ | Stars: 208 | Issues: 0

Cave-Finder

Tool to find code caves in PE images (x86 / x64) - finds empty space in which to place code in PE files

Language: C++ | License: GPL-3.0 | Stars: 57 | Issues: 0

lxkns

Discover Linux kernel namespaces in Go. Almost everywhere. Aware of various OCI container engines, even engines in containers.

Language: Go | License: Apache-2.0 | Stars: 40 | Issues: 0

core

Common Open Research Emulator

Language: Python | License: BSD-2-Clause | Stars: 649 | Issues: 0

CrimsonEDR

Simulate the behavior of AV/EDR for malware development training.

Language: C | Stars: 406 | Issues: 0

Awesome-Cellular-Hacking

Stars: 2682 | Issues: 0

xzbot

Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Language: Go | Stars: 3470 | Issues: 0

cackle

A code ACL checker for Rust

Language: Rust | License: NOASSERTION | Stars: 181 | Issues: 0

fwknop

Single Packet Authorization > Port Knocking

Language: Perl | License: GPL-2.0 | Stars: 1044 | Issues: 0

CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

Language: C | License: MIT | Stars: 2148 | Issues: 0

tracecat

The open source Tines / Splunk SOAR alternative.

Language: Python | License: AGPL-3.0 | Stars: 2170 | Issues: 0

unKover

PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.

Language: C++ | Stars: 131 | Issues: 0

Collect-MemoryDump

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

Language: PowerShell | License: GPL-3.0 | Stars: 212 | Issues: 0

zed

Code at the speed of thought – Zed is a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter.

Language: Rust | License: NOASSERTION | Stars: 38877 | Issues: 0

impulse-xdr

Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.

Language: Python | License: NOASSERTION | Stars: 109 | Issues: 0

titanldr-ng

A newer iteration of TitanLdr with some newer hooks and design. A generic user-defined reflective DLL I built to prove a point to Mudge years ago.

Stars: 3 | Issues: 0

oci-seccomp-bpf-hook

OCI hook to trace syscalls and generate a seccomp profile

Language: Go | License: Apache-2.0 | Stars: 290 | Issues: 0

udica

This repository contains a tool for generating SELinux security profiles for containers

Language: Python | License: GPL-3.0 | Stars: 455 | Issues: 0

CarbonCopy

A tool which creates a spoofed certificate of any online website and signs an executable for AV evasion. Works for both Windows and Linux.

Language: Python | License: Apache-2.0 | Stars: 1273 | Issues: 0