ahaslett's starred repositories
RandomTSScripts
Collection of random RedTeam scripts.
wdk_template
Windows kernel driver template for cmkr (with testsigning).
lolbin-poc
Small PoC of using a Microsoft signed executable as a lolbin.
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers.
FreshyCalls
FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate, in modern C++17.
SysmonSimulator
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, for blue teams testing EDR detections and correlation rules.
PowerRemoteDesktop
Remote Desktop entirely coded in PowerShell.
SysWhispers2
AV/EDR evasion via direct system calls.
NimlineWhispers2
A tool for converting SysWhispers2 syscalls for use with Nim projects.
log4shell-rex
PCRE regex matching Log4Shell (CVE-2021-44228) IOCs in your logs.