binlmmhc's repositories
security-blog
A collection of malware-related blog URLs
Advanced-Threat-Detection-Research
A collection of advanced threat detection research reports, covering endpoint through network
1earn
Maintenance paused | A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, ICS security, forensics, incident response, blue-team infrastructure deployment, post-exploitation, Linux security, and write-ups for various practice targets
2022-HW-POC
A collection of POCs from the 2022 HW (护网, "Network Protection") exercise
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
atc-react
A knowledge base of actionable Incident Response techniques
awesome-memory-forensics
A curated list of awesome Memory Forensics for DFIR
cve-2022-41352-zimbra-rce
Zimbra <9.0.0.p27 RCE
funchook
Hook function calls by inserting jump instructions at runtime
Gepetto
IDA plugin which queries OpenAI's davinci-003 language model to speed up reverse-engineering
go-strip
Strips the build information that Go embeds into binaries at compile time
GoReSym
Go symbol recovery tool
Havoc
The Havoc Framework.
IDARustDemangler
Rust Demangler & Normalizer plugin for IDA
Landray-OA-Treexml-Rce
Batch checker for the Landray OA (蓝凌OA) remote code execution vulnerability
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
PVT
PCAP visualization tool
pycdc
C++ python bytecode disassembler and decompiler
RedTeam_BlueTeam_HW
Red/blue team and HW (护网) related tools and resources, including in-memory shellcode (Cobalt Strike + Metasploit) and tools for detecting and removing in-memory webshells (内存马)
RmEye
RmEye (戎码之眼) is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common known and unknown threats. A sharp sword for defenders.
sysmon-modular
A repository of sysmon configuration modules
tinyxml2
TinyXML2 is a simple, small, efficient, C++ XML parser that can be easily integrated into other programs.
xpid
Linux Process Discovery. C Library, Go bindings, Runtime.
yeti
Your Everyday Threat Intelligence