Giuseppe Massaro's repositories
ALPCLogger
Log ALPC activity
amsiscanner
A C/C++ implementation of Microsoft's Antimalware Scan Interface
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-yara
A curated list of awesome YARA rules, tools, and people.
CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
experiments
Experiments
kHypervisor
kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x
openai-api-rs
OpenAI API client library for Rust (unofficial)
ppdump-public
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode
ransomware_notes
An archive of ransomware notes past and present
raw-socket-sniffer
Packet capture on Windows without a kernel driver
RemotePSpy
RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShell which do not have comprehensive logging facilities built in.
Simpleator
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
TheBigPromptLibrary
A collection of prompts, system prompts and LLM instructions
wasi-fs-access
This is a demo shell powered by WebAssembly, WASI, Asyncify and File System Access API.
WinAltSyscallHandler
Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999