TaxMachine's starred repositories
EDR-XDR-AV-Killer
Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
enderdragon
Ghidra in Minecraft
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
execve-asm
Executing a command with ASM
DiscordIPC
Connect locally to the Discord client using IPC for a subset of RPC features like Rich Presence and Activity Join/Spectate
imgui-console
Console Widget for Dear ImGui
CLR-Injection
Use CLR to inject all the .NET apps
github-stats-transparent
Automatically generate summary GitHub statistics images for your profile using Actions, no server required
BrowserStealer
Simple password/cookies/history/bookmarks stealer/dumper for chrome all version (includes 80+), microsoft edge browser,includes all chromium based browsers, and all gecko based browser (firefox etc.).
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
discord-injection
Discord HTTP requests interception POC, including backup codes requests, for educational purposes only.
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
native-obfuscator
Java .class to .cpp converter for use with JNI
HideStaticReferences
Research into removing strings & API call references at compile-time (Anti-Analysis)
NorthSec2024
NorthSec 2024 CTF Writeups (Cubermitis)
NorthSec2023
NorthSec 2023 CTF Writeups (Cubermitis)
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
tiny_tracer
A Pin Tool for tracing API calls etc
writing_nimless
Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.
wallets-injection
Exodus and Atomic crypto wallets app.asar injection POC (captures mnemonic and password) for educational purposes only.
ZenithProxy
2b2t minecraft proxy