bigbrobro's repositories
apollon
Proof-of-Concept to evade auditd by writing /proc/PID/mem
rulego
RuleGo is a lightweight, high-performance, embedded rule engine based on Go language. It can aggregate, distribute, filter, transform, enrich and execute various actions on input messages.
WatchAD2.0
WatchAD2.0 is a log analysis and monitoring system for domain threats.
nemo_go
Nemo is a simple platform for automated information gathering. By integrating commonly used information-gathering tools and techniques, it automatically collects asset information on internal networks and the internet, improving the efficiency of vulnerability investigation and penetration testing.
HadesLdr
Shellcode loader implementing indirect dynamic syscalls, API hashing, and fileless shellcode retrieval using Winsock2
curlshell
reverse shell using curl
provninja
Evading Provenance-Based ML Detectors with Adversarial System Actions
Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you to monitor and control all your devices from anywhere.
Etw-SyscallMonitor
Monitors ETW for security relevant syscalls maintaining the set called by each unique process
releases-openstar-Enterprise
releases-openstar-Enterprise
slp
Shell Language Processing (SLP). Pre-processing of sh/bash/zsh/.. commands for Machine Learning models.
mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
WhitePondSecurityKG
This is an open-source cyber-security knowledge graph platform that opens new directions for making cyber security more intelligent and systematic, as a modest contribution to the industry's development.
jxwaf
JXWAF (锦衣盾) is an open-source web application firewall.
swallow
An automated code-audit system; its underlying architecture is the 蜻蜓 orchestration system, 墨菲 SCA, Fortify, Semgrep, and hema.
Tailor
Learning graph-based code representations for source-level functional similarity detection. ICSE'23
Mythic
A collaborative, multi-platform, red teaming framework
ZeusCloud
Open Source Cloud Security
cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
canarytokens
Canarytokens helps track activity and actions on your network.
canarytokens-docker
Docker configuration to quickly setup your own Canarytokens.
chisel
A fast TCP/UDP tunnel over HTTP
MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
pypykatz
Mimikatz implementation in pure Python
bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
slidecode
XOR-based shellcode encoder
Hades-Windows
Hades HIDS/HIPS for Windows