Tom Magboo's starred repositories
MutationGate
Use hardware breakpoints to dynamically change the SSN at run-time
EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Pentest-Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui, dostoevsky, mantvydasb, adon90, BriskSec)
MicroBurst
A collection of scripts for assessing Microsoft Azure security
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
AMSITrigger
The Hunt for Malicious Strings
PSByPassCLM
Bypass for PowerShell Constrained Language Mode
Amsi-Bypass-Powershell
This repo contains some AMSI bypass methods I found in different blog posts.
c-reverse-shell
A reverse shell for Windows and Linux written in C.
BlueHatIL-2020
BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET
Anti-DebugNET
C# Anti-Debug and Anti-Dumping techniques using Win32 API functions and tricks.
CheeseTools
Self-developed tools for Lateral Movement/Code Execution
NativePayload_Reverse_tcp
Meterpreter Encrypted Payload by C#
FreshyCalls
FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!
SysWhispers2
AV/EDR evasion via direct system calls.
WheresMyImplant
A Bring Your Own Land Toolkit that Doubles as a WMI Provider
ADLabsReview
Active Directory Labs/exams Review
hash_spider
A module for CME that spiders across a domain.
FunctionStomping
Shellcode injection technique. Given as C++ header, standalone Rust program or library.