boh

gpt4free

The official gpt4free repository | various collection of powerful language models

shell_gpt

A command-line productivity tool powered by AI large language models like GPT-4, will help you accomplish your tasks faster and more efficiently.

pdfGPT

PDF GPT allows you to chat with the contents of your PDF file by using GPT capabilities. The most effective open source solution to turn your pdf files in a chatbot!

cve

Gather and update all available and newest CVEs with their PoC.

CSharpRepl

A command line C# REPL with syntax highlighting – explore the language, libraries and nuget packages interactively.

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

decider

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

OffensiveCpp

This repo contains C/C++ snippets that can be handy in specific offensive scenarios.

SysWhispers3WinHttp

Syscall免杀

awesome-gpt-security

A curated list of awesome security tools, experimental case or other interesting things with LLM or GPT.

Security-operation-book

一些常见的安全检测规则及事件

LOOBins

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

AV-EPP-EDR-Windows-API-Hooking-List

Depending on the AV/EDR we will check which Windows APIs are hooked by the AV/EDR

hades

Go shellcode loader that combines multiple evasion techniques

AutoGPT-Social

Autonomous Instagram bot which creates and optimizes posts to maximize engagement

acheron

indirect syscalls for AV/EDR evasion in Go assembly

process-cloning

The Definitive Guide To Process Cloning on Windows

WindowSpy

WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.

PatchlessCLRLoader

.NET assembly loader with patchless AMSI and ETW bypass

Hunt-Weird-Syscalls

ETW based POC to identify direct and indirect syscalls

Elevate-System-Trusted-BOF

Malware-Analysis

PatchlessInlineExecute-Assembly

Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.

Direct-Syscalls-A-journey-from-high-to-low

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

Evasion

SliverC2-Forensics

A collection of tools and detections for the Sliver C2 Frameworj

DynamicFinder

A DLL sideloading utility.

kalisoc

Cloudformation Template to Launch the SOC from Kali Purple

Responder-Parser

Most Responder's configuration power in your hand

ChattyCaty