Adam's starred repositories
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
WinDbg-Samples
Sample extensions, scripts, and API uses for WinDbg.
Ghidrathon
The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
forensictools
Collection of forensic tools
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model
arttoolkit.github.io
A RedTeam Toolkit
PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint, leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud, and more.
python-for-cybersecurity
This repository holds the Python scripts discussed in the Infosec Institute's Python for Cybersecurity Learning Path.
CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
EDRSandblast-GodFault
EDRSandblast-GodFault
Packer_Development
Slides and code snippets for a workshop held at x33fcon 2024
windows-security-internals
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
Events-Ripper
Project based on RegRipper, to extract additional value/pivot points from a TLN events file
CVE-2024-26229-exploit
Windows LPE
CVE-2024-21345
Proof-of-Concept for CVE-2024-21345
Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project
This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their corresponding ATT&CK techniques. The primary goal is to enhance the understanding of how ASR rules align with the ATT&CK framework.
CVE-2024-21338
PoC for the Untrusted Pointer Dereference in the appid.sys driver